iThemes WordPress Security Pro

For web sites requiring security specifically for WordPress.

Contact us about any WordPress security

WordPress Security Plugin

WordPress security shouldn’t cost a fortune


wordpress security plugin iThemes provides a WordPress security plugin that is essential security for any WordPress site. It’s  unobtrusive and easy to use, even for the novice webmaster. Provided free of charge ($80 value) for any fully managed WordPress site hosted with Hosting And Designs L.L.C.

iThemes Security Pro provides a list of important tasks to do to make your site secure. First of all, the plugin has simple “on” “off” security options. Furthermore, with the included advanced settings and features, you can decide how you want your site security tweaked just to your liking.

Most important security steps are highlighted in red while less urgent security is in yellow. You will be able to defend your website against vulnerabilities you might not even know existed such as brute force protection, file change detection and also security recommendations such as strong password enforcement and hiding or changing default settings.

The Dashboard Widget is new feature being offered which allows quick access to security stats and temporarily whitelisting IP’s for example without having to navigate to the WordPress security plugin’s settings.

Another new feature is iThemes’ ability to determine if any changes were made to the core WordPress installation files to determine if any changes were malicious.

An option that is currently still in the works is blocking spam or brute force attacks from specific countries. You will be able to block IP addresses by country, called Geo-IP banning.

A setting that Hosting And Designs L.L.C. likes about iThemes WordPress Security plugin is the insistence of a strong admin password. It can also be strengthened with a “Two Factor Authentication” This sends a security code to a smartphone or email address. The password and code are required to be able to log in to the WordPress admin account which adds an extra layer of security.

wordpress security pluginIn addition, malware scanning is also included (which requires a couple extra steps to setup) as part of the  WordPress security plugin. Malware is difficult to detect without the right software and can be used to obtain sensitive information and wreak havoc with any website. Malware scanning is scheduled on a regular basis. It will analyze your site and identify malicious content, phishing software or even suspicious code.

Hosting And Designs L.L.C. does not believe server and website security should be expensive. All VPS hosting plans and dedicated servers that use WordPress have access to the WordPress security plugin. Along with off-server FTP backups, all clients should have a more secure site and frequent backups included as part of our services. Most noteworthy, all fully managed WordPress hosting comes with the WordPress security plugin automatically at no charge.

For more information please visit the iThemes WordPress security site.


iThemes WordPress Security Pro

WordPress security for VPS & dedicated server clients

Strong password enforcement

Two-factor authentication – Either via smartphone or email.

Malware scanning – Daily scans with email alerts.

Version management – Protect your site when outdated software is not updated quickly enough.

Hide backend – Changes default WordPress login location.

User logging – Log user actions such as login, saving content and others.

Privilege escalation – Allow administrators to temporarily grant extra access to a user of the site for a specified period of time.

Brute force detection – Protect your site against attackers that try to randomly guess login details to your site. Hide backend helps significantly with this issue too.

Is WordPress a secure CMS?

wordpress security pluginSecurity is one feature that too often becomes neglected and results in WordPress sites becoming infected with malware. This can come from free theme installs that are intentionally infected or plugins that are from unknown publishers.

Also, WordPress itself discovering vulnerabilities and issuing updates but are not updated by the host or user. Plugins can also gain a lot of access to a site that can indeed provide an easy opportunity for a hacker. A useful site for WordPress security is

Because WordPress sites are constantly being hacked may lead some to believe that WordPress is insecure. This is due to the fact that there are so many WordPress sites that many are left unsecured. There are still many webmasters that fail to update and secure their WordPress sites as they should. Some may also still believe that WordPress is a blog-only CMS which it originally was and certainly still can be used for.  With the plethora of beautiful designs and customization now available it’s difficult to distinguish between a WordPress site and another.

wordpress security pluginMany WordPress themes are designed with mobile device screen resolutions in mind. They are automatically able to adjust the website’s design in real-time as it detects different screen resolutions. Even while changing an internet browser window size on a desktop computer can the user see the design of the website change automatically. A similar thing happens on a mobile device which has less screen real estate.

WordPress is also considered by many to be very search engine friendly especially if the basic Search Engine Optimization tips have been implemented. There is even a popular SEO plugin called Yoast to help with this.

In many cases, however, users just want an easy to manage website that they or the host can run, design and secure and if that happens to be WordPress then that works for them. As of September 2017, WordPress powers 29% of the internet with 50,000 sites being added at WordPress alone. That should mean WordPress is doing something right.

iThemes WordPress Security Pro

For web sites requiring security specifically for WordPress.

Contact us about any WordPress security