OneClick WordPress Security Check in iThemes Security

One-Click WordPress Security Check in iThemes Security

Written by

Kristen Wright

March 4, 2020

Last Updated On March 6, 2020

The latest version of iThemes Security Pro (6.4.2) & iThemes Security Free (7.6.1) includes a new “one-click” WordPress Security Check for your WordPress site. The Security Check feature is designed to help save you time and ensure your site is using the recommended security settings.

Features/Settings Enabled by Security Check

With just one click of the “Secure Site” button, iThemes Security will enable and configure all the recommended security features and settings within the plugin. This table lists out the feature/setting and the benefits activated by the Security Check.

Feature/Setting Benefit
Banned Users Blocks specific IP addresses and user agents from accessing your site
Database Backups Creates database backups manually or on a schedule
Local Brute Force Protection Protects your site against attackers that try to randomly guess login details to your site
Malware Scan Scheduling (Pro) Protects your site with automated malware scans. When this feature is enabled, your site will be automatically scanned each day
Network Brute Force Protection Protects your site against known attackers before they reach your site
Strong Passwords (Pro) Helps enforce that powerful (admin) accounts choose strong passwords for their logins
Two-Factor Authentication (Pro) Greatly increases the security of your WordPress user account by requiring additional information beyond your username and password in order to log in to the site
User Logging (Pro) Logs user actions such as login, editing or saving content and other actions into a viewable list
WordPress Tweaks This feature has a variety of settings that change the behavior of WordPress

By using the “Secure Site” button, the following settings actions will be taken (if they were not previously set):

  • Enable the Enable Ban Lists setting in Banned Users. This ensures that IPs being blocked by other features are not ignored due to the setting being disabled.
  • Enable the Email Notifications setting in Malware Scan Scheduling to ensure that site admins are notified of potential malware issues.
  • Enable the Time-Based One-Time Password (TOTP) provider for Two-Factor Authentication. When a user sets up their account to use TOTP authentication, they greatly increase the security of their account and make it near impossible for attackers to break into their account.
  • Enable the Email provider for Two-Factor



This article was written by Kristen Wright and originally published on WordPress News and Updates from iThemes – iThemes.

Disclosure: Some of the links in this post are "affiliate links." This means if you click on the link and purchase the product, We may receive an affiliate commission.

Leave a Comment

Your email address will not be published. Required fields are marked *

Show Your ❤️ Love! Like Us
Scroll to Top