Securing Your Site With iThemes Security
This post will take 3 minutes to read.
Ensuring your site is secure isn’t an easy job. Hacking techniques and web standards are always changing. Luckily, there are security plugins out there that we can install to keep our sites secure. These plugins have teams that keep up with the research and ever-changing web so we can focus on other parts of our site.
I have made a lot of content about security including how to secure your passwords and 3 common hack techniques. However, even with all of that content, there is still much more to cover. So, why not install a plugin that does a lot of the security for us? There are many good security plugins out there. When you are comparing your choices, you want to find one that is updated regularly and has a good community around it. My personal favorite and recommended plugin is iThemes Security. This plugin has over 600,000 users and almost 3,000 5-star reviews. It creates a list of all things you should fix, lists them in priority order, and makes fixing them one-click fixes in most cases.
Installing And Configuring iThemes Security
iThemes Security is a free plugin found in the WordPress repository. They do offer a Pro version which I highly recommend; however, it isn’t needed for anything I am discussing here. When you first install the iThemes Security, you will see a new Security menu in your admin dashboard. Inside the menu, is a Page called Dashboard.
This dashboard shows all the things that you can do to tighten your site’s security. It lists these tasks in priority order. Even better is that most of these can be fixed in a single step. For example, if we click “Fix It” for the “User nicknames may be the same as their login name” item, it will bring us to the settings page and highlights the option to change.
From here, we simply check the checkbox for “Force users to choose a unique nickname” and then click “Save All Changes”. Now that item is fixed. Each site will be different depending on hosts and your plugins but you should aim to fix all of the high priority items, all or most of the medium priority items, and all or some of the low priority items to ensure maximum security.
A few tasks that should be taken care of on all sites include “Your login area is not protected from brute force attacks.”, “User nicknames may be the same as their login name. “, “A user with id 1 still exists.”, “Your WordPress Dashboard is using the default addresses”, and “A user name with admin still exists”.
All of the other tasks are important as well but some of them may already be done by your host or another plugin. Or, they may cause a conflict in some cases. However, the goal should be to complete as many of the tasks as possible to ensure your is as secure as possible.
If you want to tighten your security even more, check out their Pro version as it includes extra features such as malware scanning and two-step authentication. For more information, be sure to checkout their iThemes Security getting started video.
Do you have any great experiences with iThemes Security? Do you use a different security plugin? Be sure to comment below so we can learn from your experiences!