Support » Plugin: iThemes Security (formerly Better WP Security) » Good tool, but needs a careful hand

  • johnwbyrd

    (@johnwbyrd)


    I really love and appreciate this plugin. However, I can see how it would be easy for someone without a great deal of knowledge to be able to screw up their system, especially with the implicit https functionality. It’s very important functionality, but it’s too easy for WordPress admins who don’t exactly know what they’re doing to screw up their own install.

    I would suggest having “Automatic” and “Expert” modes in the plugin where all the “Automatic” settings are safe, and the “Expert” settings can disable your site. Additionally, I would make it so that the plugin tests itself with the new https setting before it proceeds to set it permanently in wp-config.php.

    I might also suggest that ithemes creates a secret URL at the beginning of a session that permits the user to reverse all their most recent changes to a known good state.

    All this stuff is to help the newbies who try to solve problems by clicking everything.

    But if you know what you’re doing, and are careful: this plugin does a lot of really important security stuff that is very hard to do any other way.

    • This topic was modified 4 months ago by  johnwbyrd.
  • You must be logged in to reply to this review.