Why does iThemes Security require the latest WordPress version? Can't I use a slightly older version?
- One of the best security practices for a WordPress site owner is keeping software up to date. Because of this, we only test this plugin on the latest stable version of WordPress and will only guarantee it works in the latest version.
Will this plugin completely stop all attacks on my site?
- No. iThemes Security is designed to help improve the security of your WordPress installation from many common attack methods, but it cannot prevent every possible attack. Nothing replaces diligence and good practice. This plugin makes it a little easier for you to apply both.
Is "one-click" protection good enough?
- One-click protection will help reduce the risk of attack on your site, but we recommend fixing as many high, medium and low priority items in the Security Status section as possible. If you have a plugin or theme that conflicts with an iThemes Security feature, we recommend deactivating the offending feature.
Is this plugin only for new WordPress installs or can I use it on existing sites, too?
- Many of the changes made by this plugin are complex and can break existing sites. While iThemes Security can be installed on either a new or existing site, we strongly recommend making a complete backup of your existing site before applying any features included in this plugin.
Will this plugin work on all servers and hosts?
- iThemes Security requires Apache or LiteSpeed and mod_rewrite or NGINX to work.
- While this plugin should work on all hosts with Apache or LiteSpeed and mod_rewrite or NGINX, it has been known to experience problems in shared hosting environments where it runs out of resources such as available CPU or RAM. For this reason, it is extremely important that you make a backup of your site before installing on any existing site. If you run out of resources during an operation such as renaming your database table, you may need your backup to be able to restore access to your site.
- Finally, please make sure you have adequate RAM if you plan to use the file change detector or make large backups.
Does this work with network or multisite installations?
- Yes. We're in the process of developing more documentation, so we'll update this as soon as it's ready.
Can I help?
What changes does this plugin make that can break my site?
- iThemes Security makes significant changes to your database and other site files which can be problematic for existing WordPress sites. Again, we strongly recommended making a complete backup of your site before using this plugin. While problems are rare, most support requests involve the failure to make a proper backup before installation. DISCLAIMER: Under no circumstances do we release this plugin with any warranty, implied or otherwise. We cannot be held responsible for any damage that might arise from the use of this plugin.
- Note that renaming the wp-content directory will not update the path in existing content. Use this feature only on new sites or in a situation where you can easily update all existing links.
- Fixing iThemes Security Lockouts
- What is Changed By iThemes Security
I've enabled the Enforce SSL option and it broke my site. How do I get back in?
- Open your wp-config.php file in a text editor and remove the following 2 lines:
- define('FORCE_SSL_LOGIN', true);
- define('FORCE_SSL_ADMIN', true);
Where can I get help if something goes wrong?
- Official support for this plugin is available for iThemes Security Pro customers. Our team of experts is ready to help.
Free support may be available with the help of the community in the WordPress.org support forums (Note: this is community-provided support. iThemes does not monitor the WordPress.org support forums).