iThemes WordPress Security Pro

For web sites requiring security specifically for WordPress.

Contact us about any WordPress security

iThemes WordPress Security Pro

WordPress security shouldn’t cost a fortune

WordPress security from iThemes provides essential security for any WordPress site that is unobtrusive and easy to use, even for the novice webmaster. Provided free of charge ($80 value) for any WordPress site hosted with Hosting And Designs L.L.C.

iThemes Security Pro provides a list of important tasks to do to make your site secure with either simple “on” “off” options or slightly more clicking involved as you decide how you want your site security tweaked just to your liking!

Most important security steps are highlighted in red while less urgent security is in yellow. You will be able to defend your site against vulnerabilities you might not even know existed such as brute force protection, file change detection and also security recommendations such as strong password enforcement and hiding or changing default settings.

A new feature being offered is the Dashboard Widget which allows quick access to security stats and temporarily whitelisting IP’s for example without having to navigate to the plugin’s settings.

Another new feature is iThemes’ ability to determine if any changes were made to the core WordPress installation files to determine if any changes were malicious.

A feature that is currently still in the works is blocking spam or brute force attacks from specific countries. You will be able to block IP addresses by country called Geo-IP banning.

A feature that Hosting And Designs L.L.C. likes about iThemes Security Pro is the insistence of a strong admin password that can also be strengthened with a “Two Factor Authentication” that sets up a strong password AND a second code sent to a smartphone. The password and code are required to be able to log in to the WordPress admin account which adds an extra layer of security.

Malware scanning is also included (which requires a couple extra steps to setup) as part of the free WordPress security software. Malware is difficult to detect without the right software and can be used to obtain sensitive information and wreck havoc with any website. Malware scanning can be scheduled on a regular basis to analyze your site and identify malicious content, phishing software or even suspicious code.

Hosting And Designs L.L.C. does not believe server and website security should be expensive. All VPS hosting plans and dedicated servers that use WordPress have access to WordPress security from iThemes if they choose. Along with off-server FTP backups, all clients should have a more secure site and frequent backups included as part of our services to our clients.

For more information please visit the iThemes WordPress security site.

iThemes WordPress Security Pro

WordPress security that is designed specifically for WordPress sites

Strong password enforcement

Two-factor authentication – Either via smartphone or email.

Malware scanning – Daily scans with email alerts.

Version management – Protect your site when outdated software is not updated quickly enough.

Hide backend – Changes default WordPress login location.

User logging – Log user actions such as login, saving content and others.

Privilege escalation – Allow administrators to temporarily grant extra access to a user of the site for a specified period of time.

Brute force detection – Protect your site against attackers that try to randomly guess login details to your site. Hide backend helps significantly with this issue too.

Is WordPress a secure CMS?

Security is one feature that too often becomes neglected and results in WordPress sites becoming infected with malware due to free themes that are intentionally infected or plugins that are from unknown publishers and WordPress itself discovering vulnerabilities and issuing updates but are not updated by the host or user. Plugins can also gain a lot of access to a site that can indeed provide an easy opportunity for a hacker. A useful site for WordPress security is

Due to WordPress sites constantly being hacked may lead some to believe that WordPress is insecure. This is due to the fact that there are so many WordPress sites now that they will constantly be mentioned in hacker activities and there are still many webmasters that fail to update and secure their WordPress sites as they should. Some may also still believe that WordPress is a blog-only CMS which it originally was and certainly still can be used for. But with the plethora of beautiful designs and customization now available it can many times even be difficult to distinguish between a WordPress site and another site built using something else entirely.

Many WordPress themes are designed with mobile device screen resolutions in mind and are automatically able to adjust the website’s design in real-time as it detects different screen resolutions. Even while changing an internet browser window size on a desktop computer can the user see the design of the website change automatically. A similar thing happens on a mobile device which has less screen real estate.

WordPress is also considered by many to be very search engine friendly especially if the basic Search Engine Optimization tips have been implemented. There is even a popular SEO plugin called Yoast to help with this.

In many cases, however, users just want an easy to manage website that they or the host can run, design and secure and if that happens to be WordPress then that works for them. As of September 2016, WordPress powers 26% of the internet with 50,000 sites being added at WordPress alone. That should mean WordPress is doing something right.

iThemes WordPress Security Pro

For web sites requiring security specifically for WordPress.

Contact us about any WordPress security

Pin It on Pinterest

Share This