The Best WordPress Security Plugin to Secure & Protect WordPress

Other Questions?

How do I upgrade from the free version of iThemes Security to iThemes Security Pro?

After your purchase, you’ll receive an email with instructions on how to download iThemes Security Pro. Deactivate the free version on your WordPress site, then install Pro (but do not activate Pro yet). With both versions deactivated, delete the Free version. Now, you can activate the Pro version, and your previous settings will be preserved.

Why does iThemes Security require the latest WordPress version? Can’t I use a slightly older version?

One of the best security practices for a WordPress site owner is keeping software up to date. Because of this, we only test this plugin on the latest stable version of WordPress and will only guarantee it works in the latest version.

Can a WordPress security plugin completely stop all attacks on my site?

No. iThemes Security is designed to help improve the security of your WordPress installation from many common attack methods, but it cannot prevent every possible attack. Nothing replaces diligence and good practice. This plugin makes it a little easier for you to apply both.

Is “Security Check” feature good enough protection?

The Security Check feature is designed to help save you time and ensure your site is using the recommended security settings. After enabling this you should review all other features for further protection.

Is this plugin only for new WordPress installs or can I use it on existing sites, too?

Many of the changes made by this plugin are complex and can break existing sites. While iThemes Security can be installed on either a new or existing site, we strongly recommend making a complete backup of your existing site before applying any features included in this plugin.

Will this work on all servers and hosts?

iThemes Security requires Apache or LiteSpeed and mod_rewrite or NGINX to work. While this security plugin should work on all hosts with Apache or LiteSpeed and mod_rewrite or NGINX, it has been known to experience problems in shared hosting environments where it runs out of resources such as available CPU or RAM. For this reason, it is extremely important that you make a backup of your site before installing on any existing site. If you run out of resources during an operation such as renaming your database table, you may need your backup to be able to restore access to your site.Finally, please make sure you have adequate RAM if you plan to use the file change detector or make large backups.

Does this work with network or multisite installations?

Yes.We’re in the process of developing more documentation, so we’ll update this as soon as it’s ready.

Can I help?

Of course! We are in constant need of testers. In addition, we can always use help with translations for internationalization. For more information on contributing to iThemes Security, visit this page.

What changes does this plugin make that can break my site?

iThemes Security makes significant changes to your database and other site files which can be problematic for existing WordPress sites. Again, we strongly recommended making a complete backup of your site before using this plugin. While problems are rare, most support requests involve the failure to make a proper backup before installation. DISCLAIMER: Under no circumstances do we release this plugin with any warranty, implied or otherwise. We cannot be held responsible for any damage that might arise from the use of this plugin.Note that renaming the wp-content directory will not update the path in existing content. Use this feature only on new sites or in a situation where you can easily update all existing links. For more information, visit Fixing iThemes Security Lockouts and What is Changed By iThemes Security

Where can I get help if something goes wrong?

Official support for this plugin is available for iThemes Security Pro customers. Our team of experts is ready to help. To access support, please visit the iThemes Member Panel to create a support ticket.