Protect your WordPress site by hiding vital areas of your site, protecting access to important files, preventing brute-force login attempts, detecting
This plugin is great except that to do a couple of major tweaks they suggest to do a database backup. I've tried that three times on two different email addresses and there is no backup file attached. Oh course I can do this manually and still run the tweaks but it would be nice if the buttons in the plugin's interface actually sent you the file.
Excellent plugin, many options, the only reason it doesn't get 5 stars its because the login page changes but still some trolls find a way to hit it, with no luck of course! Great work! Thanks for sharing.
Great all-in-one security plugin
2014: There was a little blip of trouble when iThemes took over this plugin, but after a difficult few days, the problem was resolved. The Security plugin is performing at least as well as its predecessor. Thus my earlier comments still hold:
This plugin has been working very well. I get regular updates on changes to my site via email. I've had a flood of "new subscribers" (that is, addresses that want to log in and do mischief) on the site, and Better WP Security points them to a 404 page; end of problem.
It's simple and clear, gives plenty of information.
I am looking forward to the GitHub Issues.
The username based banning and the rate limiting would be great.
Monitoring for changed files was a key reason I chose this plugin over other similar. However, I can never tell what was part of a normal WP Update. When I do the update, there is no immediate notice about changed files. I log in the next time, and there's the notice. I have to remember if the time stamp matches when I ran the update. If someone else runs the update, well that's more difficult to reconcile. This makes that feature of little practical use to me.
The plugin works great. I rated it a 4 because a lot of my other features stopped working. I still would recommend this plugin, because it works and you don't have to worry about hackers.
Back in March 2013 a massive brute force attack brought me to enforce my customer WordPress installs, I found a great tool in this plugin, which guards those topic entry points for the casual and probably even strong intrusion effort (depending on install settings and hosting server safety).
I found particularly nice to receive notifications about file changes, deletions, etc.
After all I am using it as well even in my own SEO website.
Thanks for offering this to our WP Community! This one lives in my "basic install" pack.
im usin this plugin on all of my websites :) and i really feel safe about them :)
You must log in to submit a review. You can also log in or register using the form near the top of this page.