Home / Wordpress / Secure WordPress Using iThemes Security – Plugin Guide

Secure WordPress Using iThemes Security – Plugin Guide

According to the reliable resources thousand of sites are hacked each day due to the poor site security. Specially those sites who are hosted their website on WordPress and not manage properly. No doubt WordPress is the best, among all CMS (Content Management System) in the world and much secure than other but but it still need some security configuration after installing the WordPress and that’s the point where WordPress plugins comes and solve our security issues and iThemes Security Plugin is one of them.

In today’s article, we will trying to explain a best iThemes Security guide which helps you to make your wp site secure and bulletproof. First of all download and install latest iThemes Security Plugin(formerly known as Better WP Security) from wordpress.org. After installing and activating the iThemes Security plugin go to security plugin dashboard hai setting up plugin feature.

iThemes Security Plugin Setting Guide

Those who already installed iThemes Security Plugin on their site just visit Security > Settings page to configure site security and take necessary steps to make site bulletproof. Here is settings overview guide…

Global Settings

1- Give Write Permission

2- Notification Email

On second option enter your email address to receive emails about security updates such as brute force attacks.

3- Database Delivery Email

On third box enter your email address where you want to receive backup of your complete database.

4- Host Lockout Message

Leave this option as blank however, you can display a host error message as you want html tags such as a, strong, h1, h2, h3, h4, h5, h6, br, em, div tags can be use to display message.

5- User Lockout Message

Leave this option as blank however, you can display invalid login attempts message in your style html tags such as a, strong, h1, h2, h3, h4, h5, h6, br, em, div tags can be use to display message.

6- Community Lockout Message

Leave this option as blank however, you can display error message if iThemes Security system found user IP as threat. However you can display message in your style html tags such as a, strong, h1, h2, h3, h4, h5, h6, br, em, div tags can be use to display message.

Other options under Global Settings page leave as default and no need to touch anything…

404 Error Detection Setting

404 error detection feature monitor those users who browse/hit large number of non-existent pages. Sometimes hackers try to find vulnerabilities by hitting the large number of 404 non-existent pages. This feature protects your site from such suspicious activities and improve the site security so check this box and leave as default other settings on this menu.

Away Mode

If you update your site once a week or month than this option is for you. Basically away mode feature protect your site from unauthorize access. The options restrict and disable admin access to specific time or date, which is so beneficial and reduce the hacking attacks on your wp site.

Banned Users

This feature gives you ability to block/ban such hosts and user agents, who are involve in illegal activities. Just check HackRepair.com’s blacklist and Ban user feature and then Just enter IP address or user agents value in box and iThemes Security plugin will not give them access to your site.

Brute Force Protection

Brute Force is the most common method used by hackers to hack sites. In brute force attack hackers do unlimited login attempts with different password combinations to access wp site. By enabling this option this security plugin will ban the user or host after 5, 10 or specific failed login attempts.

Database Backup

I love this feature so much because if hackers hacked me or server crash then i can restore my site’s database and make it alive again with all my contents and posts. This feature in iThemes Security can make database backup in daily or weekly basis and can send you via email. Here are some top database backup plugins list.

File Change Detection

If your web server failed to secure you and hackers access your files and make some changes on it. This feature warn you that someone access your site and can modify your core files.

Hide WordPress Login Area

I like this feature so much in iThemes Security by hiding the login area you can reduce brute force attack and control failed login attempts. This feature Hides login page (wp-login.php, wp-admin.php) and making it harder to find. Just change login slug under ‘Hide Login Area’ Tab and check the box ‘Enable the hide backend’ to use this wonderful feature.

Malware Scanning

Malware Scanning feature will scan all your site via VirusTotal.com before you use it you need to signup on it… Don’t Worry Its Totally Free

Secure Socket Layers (SSL)

If SSL is enable in your site then just enable this feature for Login and Dashboard URLs to browse securely.

Strong Passwords

Under this menu and Check ‘Enable strong password enforcement’ feature and select the desired roll to enforce it.

System Tweaks

This feature is packed up with different tools and and you need to do is that check all the sections under System Tweaks Tab such as files, disable directory browsing, filter all request, Long URL Strings, Suspicious Query Strings, Non-English Characters,, File Writing Permissions, Uploads section.

WordPress Tweaks

Check all the sections under WP Tweaks sections such as Generator Meta Tag, EditURI Header, Windows Live Writer Header, Display Random Version, Comment Spam, XML-RPC, File Editor, Login Error Messages, Replace jQuery With a Safe Version and other options in WordPress Tweaks…

We hope this complete post about iThemes Security Plugin Guide helps you to know better way and will perform a fabulous role to protect your site from hackers and crackers.


About tahir

Check Also

How to Add Tabbed Content in WordPress Posts

You can save your lots of space and lots of information in Tabbed Content.Tabbed content allows ...

How to Use Dropbox as a CDN for WordPress

Decrease your site load time and increase security of your wordpress files with CDN.There are ...

Must Have WordPress Plugins That Every Site Needed

No doubt WordPress is a popular and widely used Content Management System(CMS). Currently using by ...

How to Install WordPress on your Computer

WordPress is best software for creating a CMS website, but if you like to try ...

Make Money Online With AdHitz Advertisement Program

Now a days blogger/webmasters are searching the ways to make money online from their site’s content. Webmasters ...