BASIC or PRO. Which one is right for you?

Why Go Pro?

Stop attacks in their tracks…Go Pro

  • Solid Security Basic protects your site from hackers and cyberattackers better than most security plugins on the market. But when you want always-on protection you need Solid Security Pro with Patchstack.
  • Always-on firewall powered by Patchstack (Solid Security Pro) shields your site from threats before a patch is even issued AND blocks threats from infiltrating your site before you have a chance to take care of it yourself.
  • Brute force protection
  • Two-factor authentication and passkeys

30 WordPress security features in one WordPress security plugin

Free

Pro

Real-time WordPress Security Dashboard

Passkeys for More Secure Logins

Magic Links & Passwordless Login

Settings Import & Export

WordPress Core Online File Comparison

User Activity Logging

Temporary Privilege Escalation

WP-CLI Integration

Password Expiration

WordPress User Security Check

Refuse Compromised Passwords

Version Management

User Groups

Trusted Devices

Local & Network Brute Force Protection

Security Logging

Strong Password Enforcement

File Permission Check

Site Scanner

Two-Factor Authentication

Virtually eliminate* the #1 reason WordPress sites get hacked: vulnerable plugins and themes.

Solid Security Pro protects your site from running plugins and themes with known vulnerabilities so no known exploits can be targeted to hack into your website.

  • Site Scan for Plugin and Theme Vulnerabilities
  • Weekly WordPress Vulnerability Report
  • Version Management

Always-on Firewall Protection from Patchstack

WordPress vulnerabilities
iThemes Security vs Sucuri

Monitor for suspicious activity that can indicate a hack or breach.

Hackers target sites running on the WordPress platform at an alarming rate. When a threat goes undetected, you’re at risk for a data breach, stolen personal information, financial losses, and more. The Solid Security plugin tracks suspicious activity to keep you fully informed.

  • Real-time website security dashboard that tracks activity
  • File Change Detection
  • User Logging
  • Site lockout email notifications

Secure the most vulnerable parts of your WordPress website, like your login page.

Solid Security Pro offers several features designed to protect your WordPress login in ways that make it much harder for hackers and bad bots to gain entry to your website.

  • Brute Force Protection
  • Two-factor Authentication
  • Magic login links & passkeys
  • Refuse compromised passwords
  • reCAPTCHA
secure WordPress login

Added protections with NEW
Patchstack integration

You can’t be everywhere, all the time, but bad actors who want to hack your site, steal your data, and cripple your business are a 24/7/365 threat. 

Solid Security Pro protects your WordPress website even when your attention is elsewhere thanks to our unique Patchstack integration. 

When Patchstack is enabled, vulnerabilities are automatically patched, before you even get a chance to take action. No more worrying about the potential impact of not responding to a vulnerability fast enough. Solid Security Pro with Patchstack took care of it for you. 

What about all those times when a fix has not yet been issued by a plugin developer or vendor? We’ve got you covered there too. 

With Solid Security Pro, you can reduce your WordPress website’s risk to nearly zero. Go Pro today.


“The Solid Security Pro plugin is one of the most robust security plugins available in the WordPress ecosystem. Whether you have a current security threat or are just a smart WordPress user who wants to proactively defend their website, this plugin has all the bells and whistles to stop hackers, spam and malware in their tracks.”

Alec Wines —
Head of marketing, WPBuffs.com

“My company has been building websites for 23 years. When we discovered Solid Security Pro, it solved so many daily problems that we were “hooked.” My team sleeps better at night knowing that hackers are thwarted. Plus, they have the friendliest support team we’ve encountered in our WordPress world!”

Sue Polinsky —
President, Getmeonline.today

“I was using one of Solid Security’s competitors and we still got hacked! Since I’ve been using Solid Security our site has been rock solid! Love the products and the team.”

Erica Eide —
Founder, small business

Solid Security Pro Exclusive Features

Solid Security Pro strives to be the premiere WordPress security plugin. Below you can see some of the features that make thousands of websites entrust their business with Solid Security Pro.

Site Scanner with Automatic Vulnerability Patching

  • Checks for known malware, blacklist status, and site errors.
  • Scans for vulnerable versions of WordPress plugins, themes, and core.
  • Automatically updates plugins, themes, and WordPress core if a vulnerability is found.

Trusted Devices
with Session Hijacking Protection

  • Allow admin users to approve the devices they frequently use to log in to the site.
  • Blocks admin user logins from unrecognized devices by restricting admin capabilities.
  • Sends email notifications if a user logs in from an unrecognized device.

Intelligent Settings Import/Export

  • Perfect for client sites! Speeds up Solid Security setup across multiple sites. 
  • Control what is included in the settings export, including banned IPs, user groups, and dashboard setup.
  • Connect directly to another site to copy the security configuration.

Two-Factor Authentication

  • Adds two-factor authentication to the WordPress admin login.
  • Supports common two-factor mobile apps such as Google Authenticator, Authy, FreeOTP, and Toopher.
  • Supports additional methods like email and backup codes.
  • Control by user groups.
  • Users can configure on their User profile page.

Passwordless Logins

  • Adds more brute force protection by bypassing the normal WordPress login method.
  • Allows users to login to your website either with state-of-the-art passkeys or directly from a link sent securely to their email address.
  • Helps reduce login friction by removing the need for complicated passwords or two-factor codes while maintaining a high level of security.

Breached Password Protection

  • Requires users to use passwords that do not appear in any password breaches deleted by Have I Been Pwned.
  • Strengthen passwords on the site with automated password expiration.
  • Forces users to use strong passwords as rated by the WordPress password meter.

Brute Force Protection

  • Monitors invalid login attempts made to your website to watch for potential brute force attacks.
  • Once an IP or username has made too many consecutive invalid login attempts, they will get locked out and will be prevented from making any more attempts for a set period of time.
  • Uses two types of protection: local and network brute force protection.

File Change Detection

  • File changes can indicate a security breach or hack, so it’s important to know when changes happen.
  • Helps reduce the time it takes to detect a security breach.
  • Alerts you of file changes with an email notification alert.
  • Intelligently identifies legitimate file changes to reduce false positives.

Bot Traffic Protection with reCAPTCHA

  • Helps keep bad bots from attempting to break into your website using compromised passwords, posting spam, and scraping  content.
  • Enable reCAPTCHA for new user registration, reset password, login, and comments.
  • Supports Google reCAPTCHA v2, invisible and v3 (recommended).

Magic Links

  • Real users can potentially get locked out if a brute force attack occurs with their username.
  • Magic links allow users to bypass lockouts of their username by the iThemes Security Brute Force Protection Network.
  • Eliminates the need for a website admin to release a user’s lockout before they can login.

User Security Check

  • Helps protect against vulnerabilities related to poor passwords and security practices for Administrator or Editor users.
  • For each user on your site, view two-factor authentication status, password age and strength, last time active, active WordPress sessions, and user role.

Temporary Privilege Escalation

  • Makes it easy and safe to grant temporary admin access to outside contractors and support technicians.
  • Allows you to grant a user extra capabilities for a specified amount of time.
  • No need to create a new users every time you need to grant access to your website.

WordPress Security Logs

  • Monitors activity on your site you may not be aware is happening.
  • Can help alert you of a security breach and aide in the repair of a hacked site.
  • Tracks brute force attacks, file changes, site scans, and user activity.
  • Monitors logins,user creation, adding/removing plugins, switching themes, and changes to posts/pages.

WordPress Security Dashboard

  • Organize all your security activity in a more digestible way.
  • Security Cards break the info from the logs down to easy to consume bite-sized nuggets of data.
  • Quickly take actions such as force password change for all users, send two-factor reminders, and force logouts.

Version Management

  • Makes it easy and safe to grant temporary admin access to outside contractors and support technicians.
  • Allows you to grant a user extra capabilities for a specified amount of time.
  • No need to create a new users every time you need to grant access to your website.

WordPress Tweaks

  • Increase the security of your website by removing the ability to edit files from the WordPress dashboard and limiting how APIs and users access your site.
  • Includes the option to hide login/hide backend.

User Groups

  • By default, users will be grouped by their WordPress capabilities.
  • Gives you the confidence you are applying the right level of security to the right users.
  • Easily create custom user groups (great for clients!) for applying website security measures.

Premium Support

  • Our team of WordPress experts have been called “the friendliest support team in the WordPress world.”
  • Most tickets are solved within 1 hour.
  • All premium support tickets are managed through the Solid Help Desk for privacy and security.

FAQ

Contact

After you purchase Solid Security Pro, you will get an email confirmation with a link to login to the Solid Member Panel, where you can download your Solid Security Pro plugin zip file. Use the same username and password you used to complete your purchase to log in to the Solid Member Panel. From the Solid Member Panel, navigate to the Downloads page to download the zip file of the plugin. Watch the tutorial. (If you have questions about your purchase, you can always contact us directly.)

Once you’ve downloaded your Solid Security Pro plugin zip file, follow the standard WordPress plugin installation methods to upload and activate Solid Security Pro on your WordPress site. For more instructions on downloading and installing Solid Security Pro, check out this tutorial on installing downloaded plugins. Once you’ve installed Solid Security Pro, make sure to license the plugin for automatic updates. Next up, follow the plugin’s setup menu to activate the recommended security features.

Your Solid Security Pro purchase includes a one-year membership subscription to updates and support for the plugin. Your Solid Security Pro membership includes immediate access to all new versions and features released for Solid Security Pro during your subscription year, plus ticketed support from the Solid Help Desk. The membership model is the best way we can provide top-tier support and maintain Solid Security Pro to guard your site against the latest forms of attacks. After the one-year mark, Solid Security Pro is still yours to use and keep, but we recommend renewing your Solid Security Pro subscription to have continued access to updates and new features that are designed for the latest security trends and threats.

We offer a 30-day refund policy. We firmly believe in and stand behind our products 100%, but we understand that they cannot work for everyone all of the time. If you would like to request a refund, please open a “Pre-Sales and Account Services” support ticket. When requesting a refund, we respectfully ask that you meet the following refund policy conditions.

Support for current Solid Security Pro customers is available from the SolidWP Help Desk. If you have questions or need help with Solid Security Pro, please let us know. Our team actively responds to support requests (typically within one business day) during normal business hours, Monday – Friday, 8am – 5pm (CST). We also have extensive Solid Security Pro documentation.

With so many great options out there, Solid Security Pro stands out from the crowd. Here are comparison guides for Solid Security vs WordfenceSolid Security vs SucuriSolid Security vs JetpackSolid Security vs Malcare, and finally Solid Security vs All in One WP Security.

Upgrading from the free version of the plugin to Pro is easy! After your purchase, you’ll receive an email with instructions on how to download Solid Security Pro from the Solid Member Panel. Install/activate Pro on your WordPress site, then deactivate/delete the free version. All of your settings will be preserved.

One of the best security practices for a WordPress site owner is keeping software up to date. Because of this, we only test this plugin on the latest stable version of WordPress and will only guarantee it works in the latest version.

Yes. We’re in the process of developing more documentation, so we’ll update this as soon as it’s ready.

Of course! We are in constant need of testers. In addition, we can always use help with translations for internationalization. For more information on contributing to Solid Security, visit this page.

Solid Security requires Apache or LiteSpeed and mod_rewrite or NGINX to work. While this security plugin should work on all hosts with Apache or LiteSpeed and mod_rewrite or NGINX, it has been known to experience problems in shared hosting environments where it runs out of resources such as available CPU or RAM. For this reason, it is extremely important that you make a backup of your site before installing on any existing site. If you run out of resources during an operation such as renaming your database table, you may need your backup to be able to restore access to your site. Finally, please make sure you have adequate RAM if you plan to use the file change detector or make large backups.

We have addition FAQs for Solid Security Pro here. We’re also always standing by to help with your pre-sales questions if you want to contact us. For questions related to Solid Security Pro after you have made your purchase, you can create a support ticket here.

No. Solid Security is designed to help improve the security of your WordPress installation from many common attack methods, but it cannot prevent every possible attack. Nothing replaces diligence and implementing the WordPress security best practices. This plugin makes it a little easier for you to apply both.