I'm a complete newbie to WordPress and WPMUDEV so will apologise in advance for some pretty stupid questions, but if you don't ask you'll never find out!
Just recently I've taken over the administrator role for a website and recommended we transfer hosting over to SiteGround as there were a few issues with the provider we were with.
SiteGround transferred everything across and all seems to be working fine, it's on a shared hosting plan and it had a TablePress plugin already in place. I activated an SSL certificate, installed the Akismet Pro & VaultPress Lite Bundle and WordFence plugins.
I came across WPMUDEV, really liked what I saw and joined! I added the WPMU DEV Dashboard and then the WP Defender plugins.
To prevent me from breaking the website and because I don't know what I can and can't do without causing problems, I thought I'd ask these questions first before doing anything!
I came across this: Please note the nested WP install on your site will not be scanned. Install WP Defender there to scan separately.
Q1. How do I find the nested WP install?
Under HARDENING I have 2 issues:
Issue #1. Change default database prefix
Q2. How do I backup the database before changing the prefix?
Q3. What kind of thing would be a unique prefix?
Issue #2. Prevent Information Disclosure
Q4. How do I find out if I'm using NGINX servers?
Q5. Do I just click IGNORE if I'm not using NGINX servers?
Under SCAN REPORT I have 10 items all to do with the WordPress core.
There are 9 x Unknown file in WordPress core:
Q6. What do I select here as I'm not sure: Resolve Issue, False Alarm, Delete This File?
Q7. If I click Resolve Issue what do I do?
There is 1 x This WordPress core file appears modified
Q8. What do I select here as I'm not sure: Resolve Issue, False Alarm, Delete This File?
Q9. If I click Resolve Issue what do I do?
Again, sorry for what are probably basic stupid questions!