We have been hard at work with our heads down lately and felt that we needed to change that. From time to time, we’re going to spend some time putting a post together that talks about each of our products and where we are heading with them.
In this post, we want to cover more on what we have planned for iThemes Security Pro, our WordPress security plugin. Some of the information you’ll find here will be helpful and give you a glimpse into what’s about to drop, while other information in these posts will address trends we’re seeing in the greater WordPress industry that impact our products. So without any delay further delay,
How Empathy is Driving the Roadmap
One conversation has stuck with me from my time doing iThemes Security Pro support. The person requesting help was like a lot of WordPress users: a driven, self-starter entrepreneur whose time is most valuably spent on growing their business.
Unfortunately, like many website owners, he didn’t think about his site’s security until it was too late.
Our first interaction was when he reached out after he noticed some odd behavior on his website. After taking a look around his site, it became clear that his website had been hacked. I was able to point him in the right direction to get his site cleaned and told him to reach back out if he wanted some help getting started with WordPress security to prevent future attacks from being successful.
To his credit, he came back with tons of questions eager to learn how to secure his website. We had several back and forths of questions and answers while we worked to secure his site. We talked about his experience of being hacked and why it took being hacked to focus on security.
He shared that he was intimidated by all things security, and that he envisioned “fighting hackers” as something best left to computer scientists with 5 monitors and the tools of the trade. He said he didn’t know where to start, so he didn’t start.
After asking how he was doing post-hack, he spoke about the helplessness and violation he felt. It felt more like his business and life were invaded than a website being hacked. He talked about the guilt he felt for not doing more to prevent the hack. The embarrassment he felt when having to share that his negligence put his livelihood at risk.
We ultimately discovered that his WordPress username had been used by an attacker during a brute-force attack, which infected his website with malware. Knowing that the hack could have been easily prevented made their experience so much more frustrating.
The Future of iThemes Security
WordPress security shouldn’t be so complicated that people are too intimidated to get started. Having the correct security measures in place is crucial to the success of any website. Our goal is to make securing your WordPress website fast and easy.
Here are the four questions we ask ourselves when thinking about the future of iThemes Security Pro.
- How can we add even more security to people’s websites?
- How do we make it easier for people to secure their sites?
- How do we help people increase the security on their sites without sacrificing the website’s usability?
- How do we make it easier for agencies and freelancers to sell security as a service?
1. Revamping Security Site Scan
We have been hard at work, creating a new WordPress security scan now powered by iThemes. Building our site scanner has been an extensive undertaking and will require several phases of development before it is complete. That said, each phase will end with a release.
As we approach the first release of the site scan, here’s what we’re including.
- Vulnerable Software Check – iThemes Security Pro will check your website’s WordPress version and any installed plugins and themes for known vulnerabilities.
- Vulnerability Remediation – The site scanner will integrate with the iThemes Security Pro Version Management feature to automatically update vulnerable software when a patch is available.
- Google Safe Browsing Check – iThemes Security will alert you of a Google site blacklist or if Google has detected any malware on your site.
Future Site Scan Phases
We are excited about how powerful the Site Scanner will be when it is completed. Here is what we have in store.
- Blacklist Status Check
- File Level Malware Scanning
- Malware Remediation
2. Improved User Experience
Following WordPress security best practices is the best way to secure yourself from a malicious attack. However, we know that WordPress security can be an intimidating process.
You shouldn’t need to be a security expert to protect the website that you have worked to create. So we are setting out to make it easier than ever to configure your site’s security.
One common question asked in iThemes Security Pro support is how to configure security for different types of websites. We are working to make iThemes Security Pro handle your website security more intelligently. Whether you are running a blog or an eCommerce website you will be able to secure your site with a click of a button.
We commonly receive two requests from people using iThemes Security Pro to secure their client’s websites. (1.)A faster way to export and import the security settings they meticulously configured. (2.)More customizations for the security notifications sent to their clients.
We are working on both!
3. Trusted Devices Improvements
Using the iThemes Security Pro Trusted Devices feature adds a strong layer of security to your site by limiting which devices can be used to access your WordPress dashboard. By adding security measures for unknown devices, along with Session Hijacking protection, you can lock down your WordPress website and protect it from compromises to user logins.
We have got some ideas up our sleeves like increased location accuracy and device fingerprinting to make Trusted Devices even stronger!
We can’t wait for you to get your hands on all of these new features in iThemes Security Pro. Please let us know in the comments below if there is anything that you would like to see added to the roadmap!