How to Use WP Toolkit to Manage WordPress (WordPress Hosting Plan)

Manage your WordPress site using WP Toolkit on Cynet WordPress Hosting — update core, themes, and plugins, enable security features, create staging, and manage backups from one dashboard.

How-To 6 min read Updated 2026-03-01 Beginner Cynet Support

Quick Answer

Log in to cPanel → WP Toolkit (in the sidebar or Domains section) → You'll see your WordPress installation with one-click options to update, secure, stage, backup, and manage plugins/themes. WP Toolkit is exclusive to WordPress Hosting plans.

WP Toolkit is a premium WordPress management interface built into cPanel on Cynet WordPress Hosting plans. It provides a centralised dashboard to install, update, secure, stage, and manage every aspect of your WordPress site — without needing to log in to the WordPress admin panel.

On a Business Hosting plan? WP Toolkit is not available on Business plans. Use Softaculous instead — see How to Install WordPress Using Softaculous.

Accessing WP Toolkit

  1. Log in to cPanel (yourdomain.com/cpanel)
  2. Look for WP Toolkit — it's usually pinned in the cPanel sidebar or found under the Domains section
  3. Click WP Toolkit to open the management dashboard
You'll see a card for each WordPress installation on your account with its status, version, and quick action buttons.

WP Toolkit Dashboard Overview

The main dashboard shows each WordPress site with:

  • Site name and URL
  • WordPress version (with update indicator if outdated)
  • SSL status — Whether HTTPS is active
  • PHP version — The PHP version assigned to the site
  • Plugin/Theme update counts — Number of available updates
  • Security status — Whether security hardening is applied

Installing WordPress via WP Toolkit

New Installation

  1. In WP Toolkit, click Install
  2. Configure the settings:
- Domain: Select your domain - Directory: Leave blank for root, or enter a subfolder - Site Title: Your website name - Admin Username: Choose a unique name (avoid "admin") - Admin Password: Use a strong password - Admin Email: Your email address - Database: Auto-generated (leave default) - WordPress version: Latest stable (recommended)
  1. Click Install
WordPress is installed and ready within seconds.

Import Existing Installation

If WordPress was installed manually or via another tool:

  1. Click Scan in WP Toolkit
  2. WP Toolkit will detect existing WordPress installations
  3. They'll appear in the dashboard and can be managed normally

Updating WordPress

One-Click Updates

  1. On the WP Toolkit dashboard, look for the Update badges on your site card
  2. Click Update to see available updates for:
- WordPress Core - Plugins - Themes
  1. Select what to update and click Update

Smart Update (Safe Update)

WP Toolkit's Smart Update feature tests updates before applying them:

  1. Click Update on a site card
  2. Enable Smart Update if available
  3. WP Toolkit will:
- Create a staging copy - Apply the update on the staging copy - Run automated checks to detect issues - Show a comparison (screenshots before/after)
  1. If everything looks good, click Apply to push the update to live
This prevents broken sites from bad updates.

Auto-Updates

  1. Click on your site card to expand it
  2. Go to Updates Settings
  3. Configure:
- Auto-update WordPress: Minor/Major/No - Auto-update Plugins: Yes/No - Auto-update Themes: Yes/No
  1. Save settings

Security Hardening

WP Toolkit includes a security scanner that checks your WordPress installation and applies fixes.

Run Security Check

  1. Click on your site card
  2. Click SecurityCheck Security
  3. WP Toolkit scans for common vulnerabilities and displays results

Apply Security Fixes

Common security measures WP Toolkit can apply:

Security MeasureWhat It Does
Block directory browsingPrevents visitors from listing folder contents
Restrict access to filesProtects wp-config.php, .htaccess, etc.
Block PHP execution in uploadsPrevents malicious scripts in /wp-content/uploads/
Change database table prefixChanges the default wp_ prefix for security
Block author scansPrevents username enumeration via ?author=1 URLs
Disable XML-RPC pingbacksPrevents abuse of the XML-RPC endpoint
Disable file editing in DashboardRemoves the Theme/Plugin Editor from WordPress admin
Click Secure next to each recommendation, or Secure All to apply everything at once.

Staging and Cloning

Create a Staging Site

  1. On the site card, click Clone or Create Staging
  2. Choose a staging subdomain (e.g., staging.yourdomain.com) or subdirectory
  3. Click Create
  4. WP Toolkit creates an exact copy for testing

Push Staging to Live

After testing changes on the staging site:

  1. Open the staging site in WP Toolkit
  2. Click Copy Data
  3. Choose the live site as the destination
  4. Select: Files, Database, or Both
  5. Review and confirm — staging changes are pushed to the live site

Sync Live to Staging

To refresh your staging site with the latest live data:

  1. Open the staging site card
  2. Click Copy Data with the live site as the source
  3. This overwrites staging with fresh live data

Backup and Restore

Create a Backup

  1. On the site card, click Back Up/RestoreBack Up
  2. WP Toolkit creates a full backup (files + database)
  3. Backups are stored and listed in the backup manager

Restore a Backup

  1. Go to Back Up/Restore
  2. Select the backup to restore
  3. Click Restore
  4. Confirm — the site reverts to the backup state

Managing Plugins and Themes

From the WP Toolkit Dashboard (No WordPress Login Needed)

  1. Click on your site card to expand it
  2. Switch to the Plugins or Themes tab
  3. From here you can:
- Activate/Deactivate any plugin or theme - Update individual items - Remove unused plugins or themes - Install new plugins or themes
This is especially useful if a plugin has broken your site and you can't access the WordPress admin panel — you can deactivate it from WP Toolkit.

Changing PHP Version

  1. Click on your site card
  2. Find the PHP version displayed on the card
  3. Click it to change the PHP version
  4. Select the desired version (e.g., 8.1, 8.2, 8.3)
  5. Save — the change takes effect immediately
Tip: Always use the latest PHP version supported by your WordPress theme and plugins for best performance and security.

Troubleshooting

WP Toolkit not showing in cPanel

WP Toolkit is exclusive to WordPress Hosting plans. If you're on a Business, Premium, or other plan, use Softaculous instead. Check your plan type in the Cynet client area at manage.cynet.com.my → My Services.

"No WordPress installations found"

Click Scan to detect existing installations. If WordPress was installed in a non-standard location, WP Toolkit may need a manual scan to find it.

Plugin broke the site — can't access WordPress admin

  1. Open WP Toolkit → click on the site card
  2. Go to the Plugins tab
  3. Deactivate the problematic plugin
  4. Your site should be accessible again
  5. Investigate the plugin issue before reactivating

Update caused errors

  1. If Smart Update was used, the update wasn't applied to live — no action needed
  2. If a direct update caused issues, restore the pre-update backup from WP Toolkit → Back Up/Restore
  3. Test the update on staging first before trying again
WordPress WP Toolkit cPanel WordPress hosting update staging security backup

Related Articles

How to Install WordPress Using Softaculous in cPanelHow to Manage WordPress Installations with Softaculous

Need our team to handle this?

Need WordPress, Joomla, or another web application installed? Submit a request and we'll set it up for you.

Submit Script Installation Request

Was this article helpful?

Not sure which hosting plan is right for you?

Get a personalized recommendation in under 60 seconds.

Find the Right Plan