SecurityWP is a powerful WordPress security plugin that will protect your website from hackers, attacks and other threats. It will protect your website from SQLi Attacks (SQL Injections), XSS Vulnerabilities, Malicious Files (Viruses) and many other types of threats.
SecurityWP uses an intelligent algorithms to detect all known hacker attacks as well as new unknown threats using code recognition and patterns, and automatically takes action.
SecurityWP is directly integrated with WordPress, you can view all logs in the Admin Panel and it is also integrated with Ban System from which can be banned Visitors (IP Addresses), IP Ranges, Internet Service Providers (ISP). SecurityWP has many features and settings. With its help can be easily managed the security of your website.
SecurityWP is a powerful Web Application Firewall designed to protect WordPress. It allows any website administrator to benefit from very advanced and powerful security features. It is very fast, optimised and requires very low system resource.
- Blocks IP after maximum retries allowed
- Extended Lockout after maximum lockouts allowed
- Email notification to admin after max lockouts
- Blacklist IP/IP range
- Whitelist IP/IP range
- Check logs of failed attempts
- MD5 Checksum – of Core WordPress Files. The admin can check and ignore files as well.
- Two Factor Auth via Email – On login, an email will be sent to the email address of that account with a temporary 6 digit code to complete the login.
- Disable XML-RPC – An option to simply disable XML-RPC in WordPress.
- Disable Pingbacks – Simple way to disable PingBacks.
- Prevent usernames discovery via REST API requests and username enumeration
- Check and/or validate user passwords using Pwned Passwords database and API
- Events logging
Web application firewall (WAF)
- Blocks malicious bots and spam
- Blocks SQL injection attacks
- Blocks executable file uploads
- Blocks directory traversal attacks
- Prevents malware infections
- New rules are received automatically
- Does not slow down the website
Easy HTTP Security Headers
- Set X-Frame-Options Header
- Set X-XSS-Protection Header
- Set X-Content-Type-Options Header
- Set Referrer-Policy Header
- Set Strict-Transport-Security Header
- Set Content-Security-Policy Header
- Hide X Powered By Header
Get Support and Pro Version
Get professional support from our experts and pro features to take your site’s security to the next level with SecurityWP.
Like the plugin?
If you like SecurityWP, please take a moment to give a 5-star rating. It helps to keep development and support going strong. Thank you!
Installation from within WordPress
- Visit Plugins > Add New.
- Search for SecurityWP.
- Install and activate the SecurityWP plugin.
- Upload the entire
security-wpfolder to the
- Visit Plugins.
- Activate the SecurityWP plugin.
Several features of SecurityWP depends on the knowledge of remote IP address, so it is important that you let the plugin know how your server is connected to the Internet. You can either set connection type via Setup page or with
Does SecurityWP make changes to my .htaccess file?
Absolutely not. Unlike other security/firewall plugins, neither SecurityWP (free version) nor SecurityWP Pro make any changes to any .htaccess file.
Is it free to enable the Website Firewall option?
No, it is not. To enable you must subscribe to the Website Firewall service.
What information does SecurityWP collect?
We take your privacy seriously. This plugin does not collect or store any user data.
Where do I get support for this plugin?
以下人員參與了開源軟體〈SecurityWP – Advanced Security & Firewall〉的開發相關工作。參與者
1.0.2 – 2020-12-26
- Tweak – Improved UI in admin panel.
1.0.1 – 2020-12-23
- Fix – an issue of ‘failed to open stream: No such file or directory’ on some versions of IIS.
1.0.0 – 2020-12-22
- First release