SiteFort documentation
Tools
Advanced security and configuration utilities. Covers salt regeneration, encryption key rotation, database prefix changes, User ID migration, diagnostics, and configuration transfer.
Tools
The Tools page provides advanced security and configuration utilities. Many tools intentionally change authentication, database, encryption, or configuration state. SiteFort requires explicit confirmation for sensitive actions.| Tool | What it does | Before you run it |
|---|---|---|
| Regenerate Security Salts | Replaces WordPress authentication constants in wp-config.php, invalidating every active session. | Warn administrators and expect all users to sign in again. |
| Rotate Encryption Key | Generates a new encryption key and re-encrypts stored secrets, including API tokens, cloud credentials, and 2FA data. | Back up the site and run during a maintenance window. |
| Change Database Table Prefix | Renames WordPress database tables to use a non-default prefix. | Take a full database backup. Confirm the new prefix starts with a letter or underscore, contains only letters, numbers, and underscores, and ends with an underscore. |
| Change User ID 1 | Reassigns the primary administrator account from default User ID 1 to a randomized value. | Expect forced logout. Confirm the administrator can sign in afterward. |
| Change Admin Username | Renames the default admin username to a custom username of your choice. The default username is a common brute-force target; replacing it removes a known attack vector. | Choose a username that is not publicly visible on the site. Expect forced logout. Confirm the new username works before closing the session. |
| File Permissions Audit | Reviews permissions across WordPress core, plugins, themes, uploads, SiteFort data, mu-plugins, wp-config, and server configuration. | Run after migration, cleanup, or a hosting change. Review overly permissive paths. |
| Manual Configuration Rules | Generates wp-config.php constants and server rules for manual deployment when automatic writing is disabled. | Use for managed Nginx, locked-down hosting, or externally managed server configuration. |
| Configuration Transfer | Exports settings JSON or imports selected JSON. Secrets and API credentials are stripped from exports. | Use for staging-to-production policy transfer, then reconnect integrations and secrets manually. |
| Diagnostics | Reviews environment, configuration, and connectivity health. | Run before contacting support or after a confusing firewall, scanner, or integration state. |