what is iThemes Security Pro?
The best WordPress security plugin, Better WP Security, is now… iThemes Security shows you a list of things to do to make your site more secure with a simple way to turn options on or off. We’ve simplified these steps and provided descriptions of each action so you know exactly what’s happening on your site. You shouldn’t have to be a security pro to use a security plugin. And isn’t that the point?
iThemes Security Pro Demo
iThemes Security Pro Plugin Core Features
WordPress Brute Force Protection
Limit the number of failed login attempts allowed per user with WordPress brute force protection. If someone is trying to guess your password, they’ll get locked out after a few attempts.
File Change Detection
If someone manages to get into your site, they’ll probably add, remove or change a file. Get email alerts showing any recent file changes so you know if you’ve been hacked.
404 Detection
If a bot is scanning your site for vulnerabilities, it will generate a lot of 404 errors. iThemes Security will lock out that IP after the limit you set (20 errors in 5 minutes by default).
Strong Password Enforcement
Set which level of users on your site (admins, editors, users, etc.) need to have strong passwords. Strong password enforcement is one of the best ways to lock down WordPress.
Lock Out Bad Users
Keep bad users away from your site if they have too many failed login attempts, if they generate too many 404 errors, or if they’re on a bot blacklist.
Away Mode
Not making changes to your site 24 hours a day? Harden WordPress by making the WordPress dashboard inaccessible during specific hours so no one else can sneak in and attempt to make changes.
Hide Login & Admin
Change the default URL of your WordPress login area so attackers won’t know where to look. This feature is also great to help clients remember their login link.
Database Backups
Schedule database backups and have them emailed to you. Or you can get our WordPress backup plugin to step up your backup game. Make complete backups and send them to off-site storage destinations.
Email Notifications
Get email notifications when someone gets locked out after too many failed login attempts or when a file on your site has been changed.
iThemes Security Pro Plugin allows WordPress Two-Factor Authentication
With iThemes Security Pro’s WordPress two-factor authentication, users are required to enter both a password AND a secondary code sent to a mobile device such as a smartphone or tablet. Both the password and the code are required to successfully log in to a user account. Two-factor authentication adds an extra layer of WordPress security to verify it’s actually you logging in and not someone who gained access (or even guessed) your password.
MOBILE APP
The iThemes Security Pro plugin works with common two-factor authentication mobile apps such as Google Authenticator, Authy, FreeOTP and Toopher.
EMAIL
Time-sensitive codes are supplied via email to the email address associated with the user’s account.
BACKUP CODES
Provides a set of one-time use codes that can be used to login in the event the primary two-factor method is lost.
iThemes Security Pro Changelogs
v8.3.1 – 2024-01-25
Bug Fix: A PHP Fatal Error on PHP 8+ when logging a WP_Error to the Security Logs.
Download IThemes Security Pro v8.3.0 – Take the Guesswork Out of WordPress Security Nulled Free
8.3.0 – 2024-01-24
New: The Firewall page has a new IP Management tab to provide easy access to blocking or authorizing IP addresses.
New: Usage Data Sharing (opt-in only) allows users to share non-personal and non-sensitive information with StellarWP to inform decisions about how to improve Solid Security in the future.
Enhancement: The “Trusted Devices” manager has been redesigned and relocated to the Security Profile tabbed UI.
Enhancement: Add a snackbar notice when making changes on the Firewall Configure page.
Enhancement: Make the GDPR Optin text in the CAPTCHA module more visible.
Tweak: Remove some straggling references and links to iThemes.
Tweak: Consistently refer to 2FA as Two-Factor Authentication on the Profile page.
Tweak: Allow performing more Site Scan actions when the issue is muted.
Bug Fix: Truncate log item columns that are too long before inserting into the database.
Bug Fix: Consistently order the Security Profile tabs.
Bug Fix: Add missing text domain to new Solid Security Admin Menu items.
Bug Fix: Reset filters on the Vulnerabilities page when starting a Site Scan.
Bug Fix: PHP warning on the logs page when the File Change module logs unexpected data.
“Download IThemes Security Pro v7.2.1 – Take the Guesswork Out of WordPress Security Nulled Free
v7.2.1 – 2022-09-16
Bug Fix: Fatal error when running on a site with an unprefixed version of Pimple or Psr/Container that was loaded before iThemes Security.”
V7.1.3
- Tweak: Remove non-SSL fallbacks for Security Check Pro and Version Management.
- Bug Fix: Tweak checkbox styles.
- Security Improvement: To improve server compatibility, requests to the iThemes updater servers would automatically downgrade from https to http when https connections failed. This update removes the automatic downgrade.
- Bug Fix: Version Management compatibility with further changes in WordPress 5.6.
- Improved compatibility with WP Engine.
- Fixed Version Management compatibility with WordPress 5.6.
- Bug Fix: Follow Core UI patterns for Application Passwords.
- Bug Fix: Pass the `WP_Error` object to the `wp_login_failed` hook.
- New Feature: iThemes Security now supports Passwordless Login and reCAPTCHA v3 for Restrict Content Pro ( version 6.4.3 and later ).
- Enhancement: Overwrite Restrict Content Pro’s detected IP address with the IP detected by iThemes Security.
- Tweak: Application Passwords compatibility with WordPress 5.6.
- Bug Fix: Two Factor and Passwords Requirements compatibility with Restrict Content Pro.
- Bug Fix: PHP warnings that may occur when initializing default user groups on a new installation.
- And some other minor improvements and bug fixes.
