Secure your website with Security Pro
By Vincent Wondra
March 27, 2014
I’m please to announce a new tool in our arsenal, the Security Pro plugin from iThemes. iThemes are also the developers behind the BackupBuddy plugin which has been integrated into everyone of our sites since we started in business.
We are very excited about the Security Pro plugin. We’ve been watching it’s development for some time. It finally was released this week! The Security Pro plugin evaluates your site for any vulnerabilities, breaks down the report into High/Medium/Low Priorities and provides the means to quickly fix any issues that it detects.
The Security Pro plugin provides 30 ways to protect your site:
- Brute Force Protection
- File Change Detection
- 404 Detection
- Strong Password Enforcement
- Lock Out Bad Users
- Away Mode
- Hide Login & Admin
- Database Backups
- Email Notifications
- and 21 more ways to secure your site
We took it for a test drive on BootstrapBusinessSolutions.com to see how our default configurations ranked for security, and what areas we could improve on. Our results are to the right.
How did we do? Check the image on the right –>
Overall we did pretty good. No high priority issues, and some easily made changes to fix the majority of listed items.
- High Priority – These must be dealt with right away
- ZERO! We have always taken steps to protect all of our own and clients sites. However, validation we are doing it right is always nice!
- Medium Priority – Additional levels to help prevent attack. May not apply to all sites,or you may not want on your site due to required workflow changes or plugin conflicts.
- Some areas of improvement, but overall we are doing pretty good
- Some require workflow and documentation changes (like changing the WP Dashboard URL) prior to implementation
- Some would potentially conflict with analytics and tracking functions we have implemented.
- Low Priority – Not critical, but other areas of improvement for additional security.
- Some easy fixes here.
*Few sites will get 100% on this report. With the exception of the High Priority items, the Medium and Low Priority items are suggestions and may not apply to your site. Some items may require additional testing or may require a fair amount of time to implement, so examining the ROI ahead of time would be prudent. Many of the items listed will require an understanding of website development prior to fixing. Be sure to check with your webmaster prior to implementation for the recommended course of action.
Contact us if you are interesting in having the Security Pro plugin installed and configured on your website. We will perform the installation, go over the report with you, develop a plan, and then make all of the necessary configurations for you.