iThemes Security Pro is a WordPress plugin from iThemes developers, that takes your website security to the next level. Your WordPress website needs a security strategy that includes a trusted WordPress security plugin like iThemes Security Pro. WordPress currently powers over 25% of all websites, so it has become an easy target for hackers with malicious intent.
Make sure your WordPress website is secure and protected with iThemes Security Pro. iThemes Security Pro works to fix common WordPress security issues you may not know exist. By adding an extra layer of protection, iThemes Security Pro helps give you peace of mind—and keeps the bad guys out. Here is a main plugin features:
WordPress Brute Force Protection. Limit the number of failed login attempts allowed per user with WordPress brute force protection. If someone is trying to guess your password, they’ll get locked out after a few attempts.
File Change Detection. If someone manages to get into your site, they’ll probably add, remove or change a file. Get email alerts showing any recent file changes so you know if you’ve been hacked.
404 Detection. If a bot is scanning your site for vulnerabilities, it will generate a lot of 404 errors. iThemes Security will lock out that IP after the limit you set (20 errors in 5 minutes by default).
Strong Password Enforcement. Set which level of users on your site (admins, editors, users, etc.) need to have strong passwords. Strong password enforcement is one of the best ways to lock down WordPress.
Lock Out Bad Users. Keep bad users away from your site if they have too many failed login attempts, if they generate too many 404 errors, or if they’re on a bot blacklist.
Away Mode. Not making changes to your site 24 hours a day? Harden WordPress by making the WordPress dashboard inaccessible during specific hours so no one else can sneak in and attempt to make changes.
Hide Login & Admin. Change the default URL of your WordPress login area so attackers won’t know where to look. This feature is also great to help clients remember their login link.
Database Backups. Schedule database backups and have them emailed to you. Make complete backups and send them to off-site storage destinations.
Email Notifications. Get email notifications when someone gets locked out after too many failed login attempts or when a file on your site has been changed.
Google reCAPTCHA Integration. Add an extra layer of protection to your most vulnerable pages such as the WP login, user registration and comments with Google’s reCAPTCHA.