WP Security Pro

plugin banner

Provides security against Login, Registrations, brute force attacks by tracking IP and Blacklisting IP's.

Author:miniorange (profile at wordpress.org)
WordPress version required:2.0.2
WordPress version tested:6.1
Plugin version:4.3.2
Added to WordPress repository:24-02-2016
Last updated:31-10-2022
Rating, %:80
Rated by:12
Plugin URI:http://miniorange.com
Total downloads:40 297
Active installs:700+
plugin download
Click to start download

WORDPRESS’S MOST POPULAR FIREWALL & SECURITY SCANNER

A malware scanner and endpoint firewall that was created specifically for WordPress is included in Wp security pro. To keep your website secure, our Threat Defense Feed provides Wp Security Pro with the most recent firewall rules, malware signatures, and dangerous IP addresses. The most complete WordPress security solution is Wp security pro, which is rounded off by 2FA and a variety of extra features.

Features

  • Complete Web Security suite to protect WordPress from any attacks
  • Web Application Firewall (WAF): WordPress Firewall to protect your site
  • OWASP TOP 10 Protection
  • Login Protection: Spam and Login Protection
  • Malware scanner: Detects any virus, malware, and trojan
  • Backup: Taking Encrypted Backup with local storage and cloud storage
  • Limit Login Attempts to stop password guessing
  • Real-time Global IP Blocking
  • Limit Rate of Request: Protecting resources from any security hole exploit
  • Crawler Detection and blocking
  • Blocking IP and Attacks
  • Country Blocking and Browser Blocking
  • Brute Force Attacks prevention to stop password hack
  • Captcha for Bot Detection
  • Google Recaptcha
  • Login Form Protection
  • Registration Form Protection
  • Integration with the different plugins – Woo commerce, BuddyPress, ultimate member, and others
  • Reporting
  • Audit Log

Web Application Firewall

  • WordPress firewall is built specifically for WordPress and blocks malicious traffic on your WordPress Site.
  • Block Attacks and prevent access
  • SQL injection Protection (SQL)
  • Cross-site scripting(XSS) Attacks
  • Remote-File Inclusion(RFI)
  • Local File Inclusion(LFI)
  • Secure Rate Limiting – It controls the number of incoming requests from a specific IP to a service(Website).
  • Realtime Global IP Blocking – It protects from malicious IPs and lets the genuine traffic on your WordPress.
  • Realtime Rules and Signatures update – Constant update of signatures based on threats.
  • Blocking IP – Block any IP you want just with one click.

Login Protection and Spam Protection

  • Brute Force Login / Attacks Protection – We keep track of users’ login attempts and we send alerts to administrators for unusual activities if someone exceeds allowed failed login attempts.
  • Protects from brute force attacks and password guessing on the login page.
  • Limit Login Attempts – Automated attacks on the login page to guess your password can be a risk for users’ accounts. You can just limit the login attempts and the rate of requests on the website.
  • Login Security – Limit Login Attempts and track user login attempts
  • Common Password protection – Detect if users use commonly leaked passwords
  • User Registration Security – Disallow Disposable / Fake email addresses
  • Google reCAPTCHA protection for login, and registration.
  • Spam Protection and Comment Spam Protection

Registration Security

  • Captcha on the registration form
  • Protection for WordPress files – We provide you the option to prevent access to users from browsing directory content and editing files from WP Dashboard (Themes and plugins).
  • Block Fake Users – We help you to detect suspicious email addresses instantly. Most of the users use disposable, fake, or temporary email addresses for registering on online websites. We help you stop accepting registrations from those emails.

Malware Scanner

  • Malware scanner will scan all the files including WordPress core, plugins, and theme files to know if any of them have malware and malicious URLs.
  • Malware Scanner  – The scanner will scan all the files including WordPress core, plugins, and theme files to know if any of them have malware and malicious URLs.
  • Malware Detection Signatures – With Real-time signature updates, it checks for the latest threats and notifies you of any issues found.

Backup

  • Encrypted Database backup and File Backup – Backup your WordPress database files easily with a single click. You can either download your backup or can save it on your server.
  • Cloud Backups – Store it in cloud storage or remote locations like Google Drive, Amazon S3, DropBox, and others.
  • One-Click Restore – File restoring is made easy with just One-Click Restore.

Blocking

  • IP Blocking – Manual and automatic blocking of IP address ( Blacklisting and whitelisting included ).
  • Country Blocking – If you have a website that gets inundated with SPAM or hacking attempts from visitors or bots originating from certain countries we can help you block those attempts. You can block the request coming from countries like Russia, Brazil, China, and others.

Live traffic Monitoring and Reporting

  • Traffic Monitoring – Keep a Real-time watch on traffic and get details on every request. Also, you get the option of filtering reports with various criteria like username, IP address, and date. Also, you can export reports in CSV and pdf.
  • IP Lookup – IP Lookup gives you a way to look up who owns an IP address or domain name that is visiting your website or is engaging in malicious activity on your website.
  • Security Log – Logs Blocked IPs, Spammers, Bots, HTTP 404,403 and 400 logging

Advanced Features :-

  • Advanced Blocking – Block users based on: IP range, Country, Browser / User Agent, Referrer, and HostName(DNS)
  • Htaccess Website Security Protection- Secure your website from unintended users with ht-access website security protection which blocks user requests on the server(apache) level.
  • Comment SPAM Filter and Site SPAM Check – We check if your website is generating SPAM to protect your website from getting blocked by search engines. Also, we help you to filter comments for malware and phishing URLs.
  • SPAM Protection and google reCAPTCHA for comments – Google reCAPTCHA protects your website from spam and abuse. reCAPTCHA uses an advanced risk analysis engine and adaptive CAPTCHAs to keep automated software from engaging in abusive activities on your site.
  • Notification to admin and end users – Send Email Alerts for IP blocking and unusual activities with a user account
  • DOS (Denial of service) attacks protection – Protect your resources from DOS attacks by slowing down attackers by delaying response and increasing delay in each of his requests and eventually blocking them entirely.
  • Notifications – Get email alerts for unusual activities with your user accounts. We also support customized email templates that you can use for branding.

How is miniOrange Different?

miniOrange has various types of deployments that gives the customer a safe and protective choice. miniOrange offers plugins, Cloud, and On-premise server modules. The plugin will block all incoming requests on the network where the website is hosted. You can block the request before reaching the server with the network solutions. And keeping backups are essential so that you can fall back in case of any loss or modification of data intentionally or unintentionally. miniOrange provides encrypted backups for files and databases with one-click recovery.

=miniOrange provides three levels of Security to which owners can decide which solution would be the best for them=

  • WordPress-Level Web Application Firewall
  • Server Level On-premise WAF
  • Server Level Cloud-based WAF

Do you want to support?

Please email us at info@xecurify.com or Contact us


Screenshots
ChangeLog