After a search for good security plugins, I have settled on this, and it's a good one. Just be careful, especially with options that have warnings
3 pcs at the church and my mac at home would get blocked by what this plugin does. it seems to edit/add code to the .htaccess file which blocked legitimate users. so I had to delete for this reason.
This simply works.
But how do I test the security with a third party?
Excellent software, fairly easy to use, just wish the email alerts that came were a little more detailed - never sure if it's coming from this plugin or another one since there is no labelling of the email - just looks like an email from me to me about site lockouts, etc.
Pretty much my only complaint, it's wonderful otherwise.
been trying to access using XML-RPC, and it just won't connect. hide wp-config is unchecked, hide blog header for flickr etc is unchecked...
I can't think what else would be blocking it... I even downloaded a plugin to enable it but BWPS is still blocking it.
edit: was my stupidity, I was accessing using typical permalinks...
instead of using the full path value.
It's great but tweeks doesn't work in windows server :(
This plugin is great except that to do a couple of major tweaks they suggest to do a database backup. I've tried that three times on two different email addresses and there is no backup file attached. Oh course I can do this manually and still run the tweaks but it would be nice if the buttons in the plugin's interface actually sent you the file.
Excellent plugin, many options, the only reason it doesn't get 5 stars its because the login page changes but still some trolls find a way to hit it, with no luck of course! Great work! Thanks for sharing.
Great all-in-one security plugin
2014: There was a little blip of trouble when iThemes took over this plugin, but after a difficult few days, the problem was resolved. The Security plugin is performing at least as well as its predecessor. Thus my earlier comments still hold:
This plugin has been working very well. I get regular updates on changes to my site via email. I've had a flood of "new subscribers" (that is, addresses that want to log in and do mischief) on the site, and Better WP Security points them to a 404 page; end of problem.
You must log in to submit a review. You can also log in or register using the form near the top of this page.