Menu
iThemes
WordPress Security, Backups & Maintenance
  • Products
    • iThemes Security Pro
    • BackupBuddy
    • iThemes Sync
    • Why buy from iThemes?
  • Bundles
    • Essentials Bundle
    • Plugin Suite
    • WordPress Web Designer’s Toolkit
    • Customer Spotlights
  • Resources
    • Blog
    • WordPress 101 Tutorials
    • WordPress Ebooks
    • Weekly WordPress Vulnerability Report
    • The Ultimate Guide to Starting a Web Design Business
  • Training
    • Upcoming Webinars
    • Free Webinar Library
    • Premium Courses
    • Become a Member
    • Member Login
  • Support
    • Documentation
    • Get Help
    • Product Updates
    • Upgrade Policy
    • Contact
    • Our Mission: Make People’s Lives Awesome
  • Log In
WordPress News and Updates from iThemes
Categories
  • Product Updates
  • WordPress Backup
  • WordPress Block Editor
  • WordPress Ecommerce
  • WordPress for Freelancers
  • WordPress Security
  • WordPress Tutorials
  • WPprosper

iThemes Security Pro Feature Spotlight – iThemes Security Check

Written by Michael Moore on November 30, 2020

Last Updated on November 2, 2021

In the Feature Spotlight posts, we will highlight a feature in the iThemes Security Pro plugin and share a bit about why we developed the feature, who the feature is for, and how to use the feature.

Today we will cover the iThemes Security Check, a way to secure your website with a single click.

In This Article
  • Why You Should Use the Security Check for Your Website
  • How to Use the iThemes Security Check
  • What Does the Security Check Do?
  • Wrapping Up: Use the iThemes Security Check to Secure Your WordPress Site

Why You Should Use the Security Check for Your Website

The Security Check feature helps save you time by enabling some of the most important security features of the iThemes Security Pro plugin for you. The check also runs some critical audits of your website’s server environment …. all with a click of a mouse.

While the Security Check doesn’t enable all of the recommended website features in iThemes Security Pro, it does provide a great jumping-off point. That said, running the Security Check will secure your website against the vast majority of hacker attacks.

Check out the top 10 things to do after installing iThemes Security Pro.

We will cover all the settings the Security Check enables, but first, let’s learn how to run the check.

How to Use the iThemes Security Check

After installing and activating the iThemes Security Pro plugin, you’ll see a prompt to run the Security Check..

You can also access the Security Check at any time by clicking the Configure Settings button on the security settings’ main page.

To run a new Security Check, click the Run Secure Site Again button.

In the next section, we will talk about what running Security Check actually does to secure and protect your website.

What Does the Security Check Do?

The Security Check audits certain aspects of your server configuration to optimize the protection that iThemes Security Pro provides on your website.

The Security Check also audits certain aspects of your server configuration to optimize the protection that iThemes Security Pro provides on your website.

Security Settings Enabled By Security Check

The Security Check won’t create any conflicts on your website. The Security Check only enables the recommended security settings that play nicely in all website environments, including shared hosts with limited resources.

Let’s take a look at the settings that are enabled by the Security Check.

  • Local Brute Force Protection – The Local Brute Force Protection feature keeps track of invalid login attempts made by IPs and usernames. Once an attacker has made too many consecutive invalid login attempts, they will get locked out.
  • Banned Users – The Banned Users feature keeps track of IP lockouts. Once an IP has become a repeat offender, iThemes Security Pro will add the IP to the Banned Hosts list and prevent the IP from viewing your website, let alone try to login.
  • Database Backups – The Database Backups feature creates backups of your site’s database.
  • Magic Links – The Magic Links feature allows you to request an email with a unique login link when your username is locked out. Using the emailed link will allow you to bypass the lockout, while the brute force attackers remained locked out.
  • Passwordless Login – The Passwordless Login feature is a new way to verify a user’s identity without actually requiring a password to login.
  • Site Scan – The Site Scan checks your site for known vulnerabilities and automatically apply a patch if one is available.
  • Two-Factor Authentication – Two-Factor Authentication verifies a person’s identity by requiring two separate methods of verification.
  • User Logging – The User Logging feature does exactly what you think; it logs user actions such as logging in and saving content.
  • WordPress Tweaks – Not all of the WordPress Tweaks options are enabled by the Security Check. Essential security methods like Disabling the File Editor, Blocking Multiple Authentication Attempts per XML-RPC Request, Restricting REST API Access, and Mitigate Attachment File Traversal Attack are enabled.

The Security Check will prompt you to activate your Network Brute Force Protection license. The Brute Force Protection Network helps iThemes Security users protect each other. IPs that get blocked for attacking your website, along with the blocked IP of other websites protected by iThemes Security, will get reported to the Brute Force Network. Once an IP is in the Brute Force Network, they will be blocked from all sites in the network.

2. Server Configuration Check

The Security Check uses proxy detection to help prevent any inadvertent server lockouts by identifying your website’s server and loopback IPs. The Security Check will also verify the remote IPs hitting your website to protect against IP spoofing.

You can choose how iThemes Security identifies IPs in the Global Settings. Choose the Security Check Scan to increase iThemes Security Pro’s ability to accurately identify your server IP and the IPs of bad actors attacking your website.

Incorrectly identifying the IPs of bad actors may lead to attackers bypassing lockouts or bans.

The Security Check… checks to see if your server has an SSL certificate enabled and if your HTTP page requests are being redirected to HTTPs. A page that is loaded using HTTPs protects your visitors with SSL encryption. You force HTTPS redirect from the Security Check menu.

Wrapping Up: Use the iThemes Security Check to Secure Your WordPress Site

With a single click, the Security Check in iThemes Security Pro:

  • Adds pro-level protection to your website by enabling critical security settings.
  • Identifies the server & loopback IPs to prevent inadvertent lockouts.
  • Prevents attackers from spoofing their IPs to bypass lockouts with remote IP identification.
  • Redirects HTTP page requests to HTTPS.
  • Add your website to iThemes Security Brute Force Network.

Get iThemes Security Pro – On Sale Now for 40% Off!

Share via:

  • Facebook
  • Twitter
  • LinkedIn
  • More
Other related posts
A security-riddled computer monitor. There is a large, orange shield with a slash in the middle of the screen. Surrounding it are a red target, a green skull and crossbones, an orange “bug”, a triangle with an explanation point in the middle and a gray gear.
WordPress Vulnerability Report – January 25, 2023
Turnstile and hCaptcha
New Turnstile and hCaptcha Support in Security Pro 7.3
WordPress vulnerability report
WordPress Vulnerability Report – January 18, 2023
clickjacking
What is Clickjacking and How to Prevent it

Respond

Click here to cancel reply.

Get updates on new themes & plugins plus special discounts

About iThemes

  • The Team
  • Contact Us
  • Website Accessibility Statement
  • Sitemap

Resources

  • Blog
  • Documentation
  • WordPress Tutorials
  • Free WordPress Ebooks
  • Free Webinar Library
  • Free Upcoming Webinars
  • iThemes Training
  • Affiliates

Customers

  • Member Panel Login
  • Support
  • FAQs
  • Upgrade Policy
  • Licensing
  • Terms and Conditions
  • Refund Policy

Top Products

  • BackupBuddy
  • iThemes Security Pro
  • iThemes Sync
  • Restrict Content Pro
  • WPComplete
  • WordPress Plugins
  • Content Upgrades
  • WordPress Landing Page Plugin
  • BackupBuddy Stash

iThemes Media LLC Copyright © 2023 All rights reserved | Privacy Policy

© 2022 All Rights Reserved.

Visit StellarWP Visit Nexcess
Share via
Facebook
Twitter
LinkedIn
Mix
Email
Print
Copy Link
Powered by Social Snap
Copy link
CopyCopied
Powered by Social Snap