March 4, 2020
Last Updated On March 6, 2020
The latest version of iThemes Security Pro (6.4.2) & iThemes Security Free (7.6.1) includes a new “one-click” WordPress Security Check for your WordPress site. The Security Check feature is designed to help save you time and ensure your site is using the recommended security settings.
Features/Settings Enabled by Security Check
With just one click of the “Secure Site” button, iThemes Security will enable and configure all the recommended security features and settings within the plugin. This table lists out the feature/setting and the benefits activated by the Security Check.
|Banned Users||Blocks specific IP addresses and user agents from accessing your site|
|Database Backups||Creates database backups manually or on a schedule|
|Local Brute Force Protection||Protects your site against attackers that try to randomly guess login details to your site|
|Malware Scan Scheduling (Pro)||Protects your site with automated malware scans. When this feature is enabled, your site will be automatically scanned each day|
|Network Brute Force Protection||Protects your site against known attackers before they reach your site|
|Strong Passwords (Pro)||Helps enforce that powerful (admin) accounts choose strong passwords for their logins|
|Two-Factor Authentication (Pro)||Greatly increases the security of your WordPress user account by requiring additional information beyond your username and password in order to log in to the site|
|User Logging (Pro)||Logs user actions such as login, editing or saving content and other actions into a viewable list|
|WordPress Tweaks||This feature has a variety of settings that change the behavior of WordPress|
By using the “Secure Site” button, the following settings actions will be taken (if they were not previously set):
- Enable the Enable Ban Lists setting in Banned Users. This ensures that IPs being blocked by other features are not ignored due to the setting being disabled.
- Enable the Email Notifications setting in Malware Scan Scheduling to ensure that site admins are notified of potential malware issues.
- Enable the Time-Based One-Time Password (TOTP) provider for Two-Factor Authentication. When a user sets up their account to use TOTP authentication, they greatly increase the security of their account and make it near impossible for attackers to break into their account.
- Enable the Email provider for Two-Factor
This article was written by Kristen Wright and originally published on WordPress News and Updates from iThemes – iThemes.