In the Feature Spotlight posts, we are going to highlight a feature in iThemes Security Pro and share a bit about why we developed the feature, who the feature is for, and how to use the feature.
Today we are going to cover the WordPress Security Dashboard, a really cool way to help you to monitor WordPress security activity on your website.
Why We Developed the Security Dashboard
Any type of website log file is full of event entries that tell the history of your site. A WordPress security log shows you the story of your website’s security. Has your site been attacked, were there the attacks stopped, has your site been infected with malware? All of the answers to these questions and more can found in your WordPress security logs.
If you are one of the people who feel a little over your head when trying to parse data stored in security logs, you aren’t alone. We heard from so many of you who thought digging through your security logs was time-consuming, and at times the information stored in the logs can be challenging to understand.
Your website’s security logs are a vital part of any security strategy. The information found in these records can be used to lockout bad actors, highlight an unwanted change on the site, and help to identify and patch the point of entry of a successful attack.
With all of that in mind, we wanted to create an easy and fast way for iThemes Security Pro users to see the security activity and health of their WordPress website, without needing to dig through their logs.
What is a WordPress Security Dashboard?
The iThemes Security Dashboard is a dynamic dashboard with all your WordPress website’s security activity stats in one place.
As we have talked about, looking through the WordPress security log can be time-consuming and even confusing to understand. The new iThemes Security Dashboard brings your security logs to life by pulling together related entries and displaying it in a way that is relevant to you.
The new iThemes Security Dashboard utilizes new Security Cards to organize all your security activity in a more digestible way. Security Cards break the info from the logs down to easy to consume bite-sized nuggets of data.
Meet the iThemes Security Cards Available in Your Security Dashboard
We like to compare the Security Cards to baseball cards. Baseball cards don’t give you information about every player in the MLB. The cards only care about the guy pictured on the front. Likewise, the Security Cards don’t show you every entry in the log. Instead, they only show you information related to that specific card.
1. Site Scans
See the history of your iThemes Security Pro Site Scans.
2. User Security Profiles
Click on any username to get their security overview. You can send 2fa reminders from this card, force any user to log out and force everyone to update their passwords.
3. User Security Profile
Pin a single user’s profile to your dashboard, and see their user role, password strength and age, whether or not they have two-factor enabled and when they were last on the site.
4. Active Lockouts
Display all active lockouts. If your client locked themselves out, you can quickly clear the lockout from this card.
See a history of lockouts on our site.
6. Bans Overview
View a history if IPs banned by iThemes Security.
7. Brute Force Attacks
Displays a graph that charts brute force activity.
8. Trusted Devices
Displays a graph charting approved, auto-approved, and blocked devices.
9. Database Backups
View a 30-day history of backups and create a new database backup.
10. Update Summary
Display the number of WordPress, plugin, and theme updates over a specific time.
11. Banned Users
Manage your website’s banned hosts list.
How to Create & Share Security Dashboards in iThemes Security Pro
To get started, click the Security Dashboard link for the Security Admin Menu.
Next, in the top left corner click Security Dashboard and then click the Create New Dashboard link.
Next, you can create a new dashboard using the iThemes Security default dashboard or create one from scratch. Enter a name for your board and then click the Create Board button.
The goal of the Security Dashboard is to give you the information you want in a way that makes sense to you. You can start with a blank canvas and add only the cards that are important to you.
The dynamic security dashboard is entirely customizable. You pick the cards you want to see, the order they appear on your screen, and how big or small you want each card to be. This is your dashboard created by you for you.
Now that you have created the perfect security dashboard, why not share it with someone. To share a security dashboard, click the Share button.
Then select the users or user roles that you want to share it with.
The iThemes Security Dashboard uses Security Cards to break down information stored in your WordPress security logs in an easy to digest format. Keep your eye out for new Security Cards coming later this year!
Let us know if there is anything that you would like to see added to the Security Dashboard. After all, we make our products for you and our goal is to make our customer’s lives awesome.
Each week, Michael puts together the WordPress Vulnerability Report to help keep your sites safe. As Product Manager at iThemes, he helps us continue to improve the iThemes product lineup. He’s a giant nerd & loves learning about all things tech, old & new. You can find Michael hanging out with his wife & daughter, reading or listening to music when not working.