Menu
iThemes
WordPress Backup, Security & Maintenance

iThemes Security Pro

The Best WordPress Security Plugin to Secure & Protect WordPress

Built by the WordPress security experts since 2014

WordPress currently powers over 40% of all websites, so it has become an easy target for hackers with malicious intent. iThemes Security Pro takes the guesswork out of WordPress security to make it easy to secure & protect your WordPress website.

Buy iThemes Security Pro
Play

On average, 30,000 websites are hacked every day. Every 39 seconds, a new cyberattack happens somewhere on the web.

IT’S NOT A MATTER OF IF, BUT WHEN YOUR SITE WILL BECOME A TARGET

This year alone, grim statistics point to the urgent need for website owners to take active security measures to defend their sites against cyberattacks.

300%

increase in
cyberattacks

This year alone, cyberattacks have increased by 300% as hackers increase their efforts to exploit vulnerable websites with poor security.

50%

OF ALL
HACKS & BREACHES

Nearly half of all cyberattacks prey on small to medium-sized businesses. Hackers know most of them don’t have solid security measures in place.

45%

OF ALL
WEBSITE OWNERS

Almost half of all website owners say they don’t have solid security measures in place to defend their sites against attacks.

30,000

WEBSITES
HACKED DAILY

As hackers become more sophisticated, 30,000 websites are successfully hacked each day, leaving website owners to deal with the destruction.

You need a WordPress security plan to
keep the bad guys out.

All effective website security strategies need these three things: Preparation, Prevention, and Detection

WordPress currently powers over 40% of all websites, so it has become an easy target for hackers with malicious intent. iThemes Security Pro takes the guesswork out of WordPress security to make it easy to secure & protect your WordPress website.

Know the concrete actions you can take to prevent a hack or security breach from being successful. Anyone who uses your site needs to do their part to prevent targeted, frequent attacks on your website.

If someone manages to hack into your site, you need to know as quickly as possible to limit the damage they can do. Detection is a key part of an overall security strategy to help be much more resilient against a successful attack.

Buy iThemes Security Pro
Download the Free Guide

The iThemes Security Pro plugin works 24/7 to secure your site so you can rest a little easier.

PREVENT WORDPRESS HACKS | WORDPRESS SECURITY BREACHES | WORDPRESS MALWARE | & MORE

Brute force attacks refer to the trial and error method used to discover usernames and passwords to hack into a website. WordPress doesn’t track any user login activity, so there isn’t anything built into WordPress to protect you from a brute force attack. iThemes Security Pro works to secure and protect the most attacked part of your website, the WordPress login, by blocking these automated attacks.

iThemes Security Pro keeps track of important security events that occur on your website. These events are important to monitor to indicate if or when a security breach occurs. The information found in these records can be used to lockout bad actors, highlight an unwanted change on the site, and help to identify and patch the point of entry of a successful attack.

The iThemes Security Pro plugin offers several layers of user security enhancements, such as strong password requirements, two-factor authentication, and password-less logins. These important user security measures decrease the likelihood that a privileged user account can be exploited to successfully hack into a site.

The iThemes Security Pro Site Scanner is our way to secure and protect your WordPress website from the number one cause of all software hacks. The Site Scanner checks your site for known vulnerabilities and automatically apply a patch if one is available.

The reCAPTCHA feature in iThemes Security Pro protects your site from bad bots. These bots are trying to break into your website using compromised passwords, posting spam, or even scraping your content. reCAPTCHA uses advanced risk analysis techniques to tell humans and bots apart.

One of the best parts of the iThemes Security plugin is the actions it will automatically take to secure your site. iThemes Security automatically locks out users, bans user agents and IP addresses, applies version updates, and more, all on your behalf.

Monitors All the Most Important Security Activity Happening on Your Site You Can’t See

ADD A REAL-TIME SECURITY DASHBOARD IN YOUR WORDPRESS ADMIN

Every day, lots of activity is happening on your site that you may not be aware of. Many of these activities can be related to your site’s security, so monitoring these events is vital to keeping your site secure. The iThemes Security Pro plugin provides a real-time WordPress security dashboard that monitors security-related events on your site 24 hours a day, 7 days a week.

Learn More About the Security Dashboard

BRUTE FORCE ATTACK ACTIVITY

See a graph of the number of brute force attacks happening on your site. You’ll probably be amazed by how often your site is under attack.

BRUTE FORCE ATTACK ACTIVITY

See the number of users that have been banned by iThemes SecurityPro due to failed login attempts and bot signatures.

BRUTE FORCE ATTACK ACTIVITY

View important user security metrics like password strength, password age, two-factor status and more.

We Scan For the #1 Reason WordPress Sites Get Hacked: Vulnerable Themes & Plugins

INTRODUCING THE ITHEMES SECURITY SITE SCANNER

Having a vulnerable plugin or theme for which a patch is available but not applied is the number one culprit of hacked WordPress websites. iThemes Security Prop uses its own Site Scanner to check for known vulnerabilities in your plugins, themes, and WordPress core. The iThemes Site Scanner also checks your site’s blacklist status, website errors and for out-of-date software. Combined with the power of Version Management, your site will never run software with known vulnerabilities.

GET THE WEEKLY WORDPRESS VULNERABILITY REPORT

Keeping track of every new plugin and theme vulnerability is hard work. Get the weekly WordPress Vulnerability Report delivered right to your inbox to help keep your website secure.

Get the Weekly Report

Join 1 Million WordPress Websites United Against Brute Force Attacks

INTRODUCING THE ITHEMES BRUTE FORCE PROTECTION NETWORK

The Brute Force Protection Network is the best neighborhood watch. Except this neighborhood watch is a global community of watchers reporting suspicious activity to the Brute Force Protection Network.

Activate the iThemes Brute Force Protection Network to join 1 million other websites to unite against malicious IPs that are attacking WordPress sites around the world. You’re doing your part to secure not only your website but helping protect other people’s websites, too.

WHAT ARE BRUTE FORCE ATTACKS?

Learn more about the most common type of attack on WordPress sites.

Download the free guide

Make User Accounts 99% Secure
with Two-Factor Authentication

NO NEED FOR AN EXTRA PLUGIN TO SECURE USER ACCOUNTS

With iThemes Security Pro’s WordPress two-factor authentication, users are required to enter both a password AND a secondary code sent to a mobile device such as a smartphone or tablet. Both the password and the code are required to successfully log in to a user account. Two-factor authentication adds an extra layer of WordPress security to verify it’s actually you logging in and not someone who gained access (or even guessed) your password.

WordPress Two-Factor Authentication Methods Supported By The iThemes Security Pro Plugin

The iThemes Security Pro plugin works with common two-factor authentication mobile apps such as Google Authenticator, Authy, FreeOTP and Toopher.

Time-sensitive codes are supplied via email to the email address associated with the user’s account.

Provides a set of one-time use codes that can be used to login in the event the primary two-factor method is lost.

Learn More About Two Factor

Protect Your Website From Vulnerabilities Outside of WordPress

ONLY ALLOW AUTHORIZED DEVICES TO ACCESS YOUR WORDPRESS ADMIN DASHBOARD

The Trusted Devices feature in iThemes Security Pro works to identify the devices that you and other users use to login to your WordPress site. After your devices are identified, we can stop session hijackers and other bad actors from doing any damage on your website.

Learn More About Trusted Devices

Manage Multiple WordPress Sites with
iThemes Sync

REMOTE MANAGEMENT OF ITHEMES SECURITY PRO FEATURES

iThemes Sync offers a way to manage multiple WordPress sites from one place. Sync is also a secure way to remotely release iThemes Security lockouts and set Away Mode for your site.

Release Lockouts

Using Sync, you can see the IP addresses for any locked out users. To release lockouts, just click the Release button. All without every having to log into your site.

Learn More About Sync

Why Buy iThemes Security Pro?

HEAR FROM OUR CUSTOMERS & THE CREATORS

My company has been building websites for 23 years. When we discovered iThemes Security Pro, it solved so many daily problems that we were “hooked.” My team sleeps better at night knowing that hackers are thwarted. Plus, they have the friendliest support team we’ve encountered in our WordPress world!
Sue Polinsky
President, TechTriad
iThemes Security Pro is designed to make it easy for anyone to secure their WordPress website. We’re committed to providing you with a website security tool that actually works without frustration.
Timothy Jacobs
Lead Developer, iThemes Security
iThemes Security Pro protects your website against the most common culprits of hacked websites without burning through your site’s resources or your wallet. There is no other product that makes it easier to secure your WordPress website.
Michael Moore
Product Manager, iThemes

FAQ

After you purchase iThemes Security Pro, you will get an email confirmation with a link to login to the iThemes Member Panel, where you can download your iThemes Security Pro plugin zip file. Use the same username and password you used to complete your purchase to log in to the iThemes Member Panel. From the iThemes Member Panel, navigate to the Downloads page to download the zip file of the plugin. Watch the tutorial. (If you have questions about your purchase, you can always contact us directly.)

Once you’ve downloaded your iThemes Security Pro plugin zip file, follow the standard WordPress plugin installation methods to upload and activate iThemes Security Pro on your WordPress site. For more instructions on downloading and installing iThemes Security Pro, check out this tutorial on installing downloaded plugins. Once you’ve installed iThemes Security Pro, make sure to license the plugin for automatic updates. Next up, follow the plugin’s setup menu to activate the recommended security features.

Your iThemes Security Pro purchase includes a one-year membership subscription to updates and support for the plugin. Your iThemes Security Pro membership includes immediate access to all new versions and features released for iThemes Security Pro during your subscription year, plus ticketed support from the iThemes Help Desk. The membership model is the best way we can provide top-tier support and maintain iThemes Security Pro to guard your site against the latest forms of attacks. After the one-year mark, iThemes Security Pro is still yours to use and keep, but we recommend renewing your iThemes Security Pro subscription to have continued access to updates and new features that are designed for the latest security trends and threats.

We offer a 30-day refund policy. We firmly believe in and stand behind our products 100%, but we understand that they cannot work for everyone all of the time. If you would like to request a refund, please open a “Pre-Sales and Account Services” support ticket. When requesting a refund, we respectfully ask that you meet the following refund policy conditions.

Support for current iThemes Security Pro customers is available from the iThemes Help Desk. If you have questions or need help with iThemes Security Pro, please let us know. Our team of moderators actively respond to support requests (typically within one business day) during normal business hours, Monday – Friday, 8am – 5pm (CST). We also have extensive iThemes Security Pro documentation.

With so many great options out there, iThemes Security Pro stands out from the crowd. Here are comparison guides for iThemes Security vs WordfenceiThemes Security vs SucuriiThemes Security vs JetpackiThemes Security vs Malcare, and finally iThemes Security vs All in One WP Security.

Upgrading from the free version of the plugin to Pro is easy! After your purchase, you’ll receive an email with instructions on how to download iThemes Security Pro from the iThemes Member Panel. Install/activate Pro on your WordPress site, then deactivate/delete the free version. All of your settings will be preserved.

One of the best security practices for a WordPress site owner is keeping software up to date. Because of this, we only test this plugin on the latest stable version of WordPress and will only guarantee it works in the latest version.

Yes. We’re in the process of developing more documentation, so we’ll update this as soon as it’s ready.

Of course! We are in constant need of testers. In addition, we can always use help with translations for internationalization. For more information on contributing to iThemes Security, visit this page.

iThemes Security requires Apache or LiteSpeed and mod_rewrite or NGINX to work. While this security plugin should work on all hosts with Apache or LiteSpeed and mod_rewrite or NGINX, it has been known to experience problems in shared hosting environments where it runs out of resources such as available CPU or RAM. For this reason, it is extremely important that you make a backup of your site before installing on any existing site. If you run out of resources during an operation such as renaming your database table, you may need your backup to be able to restore access to your site. Finally, please make sure you have adequate RAM if you plan to use the file change detector or make large backups.

We have addition FAQs for iThemes Security Pro here. We’re also always standing by to help with your pre-sales questions if you want to contact us. For questions related to iThemes Security Pro after you have made your purchase, you can create a support ticket here.

No. iThemes Security is designed to help improve the security of your WordPress installation from many common attack methods, but it cannot prevent every possible attack. Nothing replaces diligence and implementing the WordPress security best practices. This plugin makes it a little easier for you to apply both.

ithemes security
Copy link
CopyCopied