Built by the WordPress security experts since 2014
WordPress currently powers over 40% of all websites, so it has become an easy target for hackers with malicious intent. iThemes Security Pro takes the guesswork out of WordPress security to make it easy to secure & protect your WordPress website.
This year alone, cyberattacks have increased by 300% as hackers increase their efforts to exploit vulnerable websites with poor security.
Nearly half of all cyberattacks prey on small to medium sized businesses. Hackers know most of them don’t have solid security measures in place.
Almost half of all website owners say they don't have solid security measures in place to defend their sites against attacks.
As hackers become more sophisticated, 30,000 websites are successfully hacked each day, leaving website owners to deal with the destruction.
All effective website security strategies need these three things: Preparation, Prevention, and Detection
Effective WordPress security takes education. Armed with a set of WordPress security best practices, you'll be prepared to lock down, secure, and protect your site.
Know the concrete actions you can take to prevent a hack or security breach from being successful. Anyone who uses your site needs to do their part to prevent targeted, frequent attacks on your website.
If someone manages to hack into your site, you need to know as quickly as possible to limit the damage they can do. Detection is a key part of an overall security strategy to help be much more resilient against a successful attack.
Brute force attacks refer to the trial and error method used to discover usernames and passwords to hack into a website. WordPress doesn’t track any user login activity, so there isn’t anything built into WordPress to protect you from a brute force attack. iThemes Security Pro works to secure and protect the most attacked part of your website, the WordPress login, by blocking these automated attacks.
iThemes Security Pro keeps track of important security events that occur on your website. These events are important to monitor to indicate if or when a security breach occurs. The information found in these records can be used to lockout bad actors, highlight an unwanted change on the site, and help to identify and patch the point of entry of a successful attack.
The iThemes Security plugin offers several layers of user security protection, from strong password requirements to two-factor authentication to passwordless logins. These important security measures decrease the likelihood that a privileged user account can be used to successfully hack into a site.
The iThemes Security Pro Site Scanner is our way to secure and protect your WordPress website from the number one cause of all software hacks. The Site Scanner checks your site for known vulnerabilities and automatically apply a patch if one is available.
The reCAPTCHA feature in iThemes Security Pro protects your site from bad bots. These bots are trying to break into your website using compromised passwords, posting spam, or even scraping your content. reCAPTCHA uses advanced risk analysis techniques to tell humans and bots apart.
One of the best parts of the iThemes Security plugin is the actions it will automatically take to secure your site. iThemes Security automatically locks out users, bans user agents and IP addresses, applies version updates, and more, all on your behalf.
|Ban bad bots & users|
|Block specific IP addresses and user agents from accessing the site|
|File Change Detection|
|Reduce Comment Spam|
|Local & Network Brute Force Protection|
|Customizable Lockout messages|
|Strong Password Enforcement|
|File Permission Check|
|iThemes Sync Integration|
|Settings Import & Export|
|WordPress Core Online File Comparison|
|User Activity Logging|
|Temporary Privilege Escalation|
|WordPress User Security Check|
|Real-time WordPress Security Dashboard|
|Magic Links & Passwordless Login|
|Refuse Compromised Passwords|
|WordPress Security Grade Report|
|Private, Ticketed Support|
Every day, lots of activity is happening on your site that you may not be aware of. Many of these activities can be related to your site's security, so monitoring these events is vital to keeping your site secure. The iThemes Security Pro plugin provides a real-time WordPress security dashboard that monitors security-related events on your site 24 hours a day, 7 days a week.
See a graph of the number of brute force attacks happening on your site. You'll probably be amazed by how often your site is under attack.
See the number of users that have been banned by iThemes SecurityPro due to failed login attempts and bot signatures.
View important user security metrics like password strength, password age, two-factor status and more.
Having a vulnerable plugin or theme for which a patch is available but not applied is the number one culprit of hacked WordPress websites. iThemes Security uses its own Site Scanner to check for known vulnerabilities in your plugins, themes, and WordPress core. The Site Scanner also checks your site's blacklist status, website errors and for out-of-date software. Combined with the power of Version Management, your site will never run software with known vulnerabilities.
The Site Scanner checks for the latest vulnerability disclosures so your site is updated as quickly as possible.
The Site Scan also checks your Google’s blocklist status and will alert you if Google has found any malware on your website.
Automatically update themes, plugins, and WordPress core if the version you're running has a known vulnerability.
During any scheduled site scans, you’ll get an email if iThemes Security Pro discovers any known vulnerabilities.
With iThemes Security Pro's WordPress two-factor authentication, users are required to enter both a password AND a secondary code sent to a mobile device such as a smartphone or tablet. Both the password and the code are required to successfully log in to a user account. Two-factor authentication adds an extra layer of WordPress security to verify it’s actually you logging in and not someone who gained access (or even guessed) your password.
The iThemes Security Pro plugin works with common two-factor authentication mobile apps such as Google Authenticator, Authy, FreeOTP and Toopher.
Time-sensitive codes are supplied via email to the email address associated with the user’s account.
Provides a set of one-time use codes that can be used to login in the event the primary two-factor method is lost.
Add security measures for unknown devices, along with Session Hijacking protection, to lock down your WordPress website and protect it from compromises to user logins.
iThemes Sync offers a way to manage multiple WordPress sites from one place. Sync is also a secure way to remotely release iThemes Security lockouts and set Away Mode for your site.
Using Sync, you can see the IP addresses for any locked out users. To release lockouts, just click the Release button. All without every having to log into your site.
We stand behind our product 100% with a 30-day refund policy.
Secure & protect
Secure & protect
Secure & protect
1 site ? Includes 1 bonus site license
for a total of 2 site licenses.
The bonus license can be used to license an additional website or for deployment/staging between two sites. You can also use the bonus site license for an additional site.