In the latest package update of Madara (v., we have included a small add-on call OptionTree Lean. We recommend all users to use this plugin to enhance your Madara site’s security. How to do it?

  • Once you have configured your site using the original OptionTree (Theme Options) plugin, install the OptionTree Lean plugin, then disable the original OptionTree.
  • Now the Theme Options page will be disabled, ie. you cannot modify the settings. But all the settings you have configured are read-able.
  • If you want to configure your site again, just activate the original OptionTree plugin again

So the main purpose of the OptionTree Lean add-on is to make your Theme Option read-only, to prevent any possible exploitation.

One extra step to secure all your WordPress files from modification is to make them Read-Only. To do that, use your SSH terminal, connect to your site and run these commands

cd [root-www-dir]
chattr -R +i public_html
cd public_html
chattr -R -i wp-content/plugins/madara-core/extract
chattr -R -i wp-content/uploads

where [root-www-dir] is often /var/www/ , the root folder of your site folder.

Read more about security enhancement here:


Leave a Reply

Your email address will not be published. Required fields are marked *


4 × 2 =