Protect your WordPress site by hiding vital areas of your site, protecting access to important files, preventing brute-force login attempts, detecting
Very effective so far in reducing the number and severity of issues arising from casual hacking attempts. Its been circumnavigated a couple of times but when used together with Wordfence Its been very good. For sites experiencing lots of DOS and hacking issues we've had to rely on Sucuri.com
Very good plugin for security related issues.
I am satisfied with the global security, honestly it's a great all-in-one security plugin.
But I got some 403 error pages while I am working in my dashboard like multiple posts editing, or sub-site deactivation.
All works well if I deactivate the plugin, but this is wrong when the plugin is activated.
Thank you anyway, great job! Hope you'll fix it soon, I am fully available for providing any information you'll need.
I've used this plugin for several years now in both the free version and the premium iThemes version and it's performed very well. The peace of mind that comes from some of the features is great -- not only for me, but for my clients, too. It's very simple to use (can't say the same for some others in this category) and allows a lot of settings. You must BE CAUTIOUS when using a few of the heavy features -- never work with a site's security without a full backup handy.
watch for 404 error as they can lock out insensate users
This is an easier plugin to use than its predecessor
This plugin is a must have (or the concurrent one that is good too)but there are some problems. After the activation of the htaccess and sys files protection I was unable to manually modify it also disabling and/or unistalling the plugin. Isn't a big problems if you have the expertise in how to manually work with file permissions but isn't nice.
And I think that the paid version is too expensive. I suppose that with cheapers prices a lot of users will start to use the pro version.
You have to consider that to secure a wordpress server you need not only this plugin but also good mod_sec rules and also this need monthly payments or paid version of services like cloudflare. At the end of a month with all this services activated I have to pay more than the server or cloud bills.......
We've interrupted a few attempts to hack clients' sites, and have installed iThemes Security to help protect us going forward. According to the reports, the plugin has since blocked numerous hosts trying to brute force or otherwise gain admin access. So, there's very little doubt in my mind that the plugin does what it says and more.
The reason I don't give five stars: I'm first and formemost a marketer, but having set up dozens of WP sites (inc. coding my own themes and fiddling with better devs' code) since at least WP1.7, I consider myself fairly well-versed in WP ways. However, I find configuring iThemes Security unnecessarily confusing, which adds a sense of insecurity to the security.
Some UI work and Plain English documentation, especially with regards to default and suggested settings, would probably go a long way.
You must log in to submit a review. You can also log in or register using the form near the top of this page.