The easiest, most effective way to secure WordPress in seconds.
This is the second security plugin I tried out... should have just started with it. It does nearly everything I need and is very easy to configure.
The only reason I didn't give it a full 5 star is because the watch for file changes option seems to be broken for larger sites. I tried using it on 8 separate sites, and it killed all but one of them (which was a fresh install of WP with almost nothing on it yet), I think due to the sheer volume of media it was trying to watch.
Just be warned that it it POWERFUL, and powerful plugins can be amazing or disastrous depending on your level of technical skill. Always, always, always have a backup of your database on hand just in case (and don't do configuration testing on a live site if you don't have to).
Solid plugin. Does what it advertises. Enabling secure sites can be difficult. With any security there's a steep learning curve, this plugin provides ample warnings for site breaking changes.
Found this as a replacement to outdated 'Wordpress Firewall 2' plugin and has been easy to use and setup - will be added to all my sites as long as development continues.
Better be careful using this plugin with an eCommerce site, where many file requests are necessary. The 404 logout might lead to failing purchases.
Otherwise really great and helpful, making sure I keep the bad dudes out of my site.
I like this plugin. really helpful!
In the future releases will be possible to change the backup directory?
Just be careful not to lock yourself out if you're upgrading/updating and have broken image links! The author does warn of this in the admin section but it is a pain when it gets you - at least you know it works!
Better WP Security is a great plugin. There are a couple small issues I struggled with, which I will mention here as a bugfix request and to help others. I'm new to WordPress, so please let me know if there is a better place to post bugfix requests. So 4/5 stars so far, will revise that up when the bugs are fixed:
1. After renaming the database prefix, user roles in sub-sites no longer work. Fix: option name "wp_[blog ID]_user_roles" needs to be updated as the database prefix changes. It should read "[new datebase prefix]_[blog ID]_user_roles". It appears BWPS does this for the main blog but not for sub-blogs. Thanks go to this discussion: http://wordpress.stackexchange.com/questions/11725/help-why-my-roles-are-not-showing-multi-site-network
2. This isn't really a problem, rather cosmetic: After the admin user is renamed, the "A user with id 1 still exists." notice remains in red. Following the link I am told there is nothing further I can do. Is this a bug or is there something I don't know about "user with id 1"?
since I am a complete novice this plugin is an enormous support and also the explanations in each section help me on the road to knowing just that little bit more.
You must log in to submit a review. You can also log in or register using the form near the top of this page.