WP Security Pro – WordPress Security Plugin (Add-ons)
WP Security Pro, a comprehensive, easy to use and well featured WordPress security plugin. WordPress itself is a very secure platform. However, it helps to add some extra security and firewall protection to your site by using WP Security Pro plugin that enforces a lot of good security practices.
In most of the time WordPress attacks are a result of plugin vulnerabilities, weak passwords, and obsolete software. WP Security Pro will hide the places those vulnerabilities live keeping an attacker from learning too much about your site and keeping them away from sensitive areas like login, admin, etc.
WP Security Pro plugin will take your website security to a whole new level with it’s best WordPress security features and techniques and combines them in a single plugin. Thereby ensuring that as many security holes as possible are patched without having to worry about conflicting features or the possibility of missing anything on your site. It reduces security risk by checking for vulnerabilities, and by implementing and enforcing the latest recommended WordPress security practices and techniques.
You can make your website basic secured by one-click activation of most features. As well as if you are experienced user, you can activate advanced features for better security to protect any site.
Below is a top list of the security and firewall features offered in this plugin:
- Quick Statistics and quick action widget in WordPress admin dashboard
- Anti-spam and captcha protection by Open-source free PHP CAPTCHA library by http://www.phpcaptcha.org is included (customized version)
- Set CAPTCHA on the forms for comments, registration, lost password, login, or all.
- Allows Trackbacks and Pingbacks.
- Remove the meta “Generator” tag
- Change the urls for WordPress dashboard including login, admin, and more
- Completely turn off the ability to login for a given time period (away mode)
- Rename “admin” account
- Change the ID on the user with ID 1
- Backup WordPress database
- Change the WordPress database table prefix
- Remove theme, plugin, and core update notifications from users who do not have permission to update them
- Remove Windows Live Write header information
- Remove RSD header information
- Change wp-content path
- Removes login error messages
- Enforce strong passwords for all accounts of a configurable minimum role
- Force SSL for admin pages (on supporting servers)
- Force SSL for any page or post (on supporting servers)
- Turn off file editing from within WordPress admin area
- Display a random version number to non administrative users anywhere version is used
- Scan your site to instantly tell where vulnerabilities are and fix them in seconds
- Ban troublesome bots and other hosts
- Ban troublesome user agents
- Prevent brute force attacks by banning hosts and users with too many invalid login attempts
- Strengthen server security
- Monitor filesystem for unauthorized changes
- Create and email database backups on a customizable schedule
- Make it easier for users to log into a site by giving them login and admin URLs that make more sense to someone not accustomed to WordPress
- Detect hidden 404 errors on your site that can affect your SEO such as bad links, missing images, etc.
- Detect and block numerous attacks to your filesystem and database
- Detect bots and other attempts to search for vulnerabilities
- Works on multi-site (network) and single site installations
- Works with Apache, LiteSpeed or NGINX
- Some features can be problematic if you don’t have enough RAM to support them. All my testing servers allocate 128MB to WordPress and usually don’t have any other plugins installed.
- Works with WordPress 2.9+, WPMU, and BuddyPress (WordPress 3.6+ is highly recommended)
- PHP5+ is highly recommended