• Resolved gleg

    (@gleg)


    Hi,

    On one of my sites the footer.php was hacked and JavaScript malware was inserted. Looked like links to other sites. I cleaned it up and server techs scanned again and everything is fine. I keep my security settings with wp-security pretty low because I’m not sure what everything does.

    My question: Is there a section I need to tweak in your plugin or pay attention to, to raise the security level to keep something like this from happening?

    Thanks!

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Contributor mbrsolution

    (@mbrsolution)

    Hi, this plugin will protect your site from frontal attacks and it will prevent your site from being spammed. If someone hacked your site from the server side then this plugin cannot control that action.

    First, check to make sure you have minimal security features enabled. Go to WP Security -> Dashboard and check to make sure you have the following enabled.

    1. Admin Username
    2. Login Lockdown
    3. File Permission
    4. Basic Firewall

    Once you have checked the above, make sure you carry out the following.

    1. Do you have the following enabled: Rename Login Page under the Brute Force tab?
    2. Go to WP Security -> Filesystem Security and make sure you have the correct file permissions added to your site.
    3. If your site allows people to sign up then I suggest that you enable the following: Login Lockdown under the User Login tab.
    4. You should also enable one of the following features: Completely Block Access To XMLRPC or Disable Pingback Functionality From XMLRPC.
    5. You should also check the Additional Firewall Rules.

    The above should set your website between basic and intermediate security level. There are many more features you will need to investigate further. But this should put you on the right track.

    Let me know if you need more help.

    Regards

    • This reply was modified 9 years, 7 months ago by mbrsolution.
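
The file-permission check from step 2 of the reply above, as an added example that is not part of the original thread and not the plugin's own code. The maximum modes used (755 for directories, 644 for files, 640 for wp-config.php) are assumed, commonly recommended WordPress values, and the function names are hypothetical.

```python
import os
import stat
import sys

# Assumed upper bounds, commonly recommended for WordPress installs.
# They are not read from the plugin; adjust them to your host's guidance.
MAX_DIR_MODE = 0o755
MAX_FILE_MODE = 0o644
MAX_MODE_BY_NAME = {"wp-config.php": 0o640, ".htaccess": 0o644}


def excess_bits(mode, allowed):
    """Return the permission bits set in mode that allowed does not grant."""
    return stat.S_IMODE(mode) & ~allowed


def audit_tree(root):
    """Walk root and return sorted (path, current_mode, allowed_mode) tuples
    for every file or directory that is more permissive than allowed."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if stat.S_ISLNK(st.st_mode):
                continue  # a symlink's own mode bits are not meaningful
            if stat.S_ISDIR(st.st_mode):
                allowed = MAX_DIR_MODE
            else:
                allowed = MAX_MODE_BY_NAME.get(name, MAX_FILE_MODE)
            if excess_bits(st.st_mode, allowed):
                findings.append((path, stat.S_IMODE(st.st_mode), allowed))
    return sorted(findings)


if __name__ == "__main__":
    # Usage: python audit_perms.py /path/to/wordpress
    root = sys.argv[1] if len(sys.argv) > 1 else "."
    for path, mode, allowed in audit_tree(root):
        print(f"{path}: {mode:04o} exceeds {allowed:04o}")
```

A theme file such as footer.php that shows up here as group- or world-writable can be rewritten by any other account on the same server, which is outside what a WordPress plugin can control.
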
    Thread Starter gleg

    (@gleg)

    Hi,

    Where is number 4 above? How do you get to that setting?

    Plugin Contributor mbrsolution

    (@mbrsolution)

    Hi, for step number 4 click on WP Security -> Firewall -> Basic Firewall Rules.

    Let me know if you need more help.

    Regards

    Thread Starter gleg

    (@gleg)

    Hi, thanks for all the info.

    On number 5, additional firewall rules, are you saying check all of those on the page or wanting me to look at them and decide? Most of my sites with your plugin are regular WordPress sites. Some use eBay’s API to pull in ads that I get a commission from if they click back and buy, not sure if any of this would affect that function. Other than that some of my customers “may” use proxy servers to look at my site. I didn’t know if that mattered either.

    Thanks

    Plugin Contributor mbrsolution

    (@mbrsolution)

    In regards to point number 5, it is up to you to decide which security feature you want to enable. I pointed you to that area for you to know. Remember not all features will work for you depending on the site you are installing the plugin on.

The topic ‘settings for malware?’ is closed to new replies.