Even Our Basic Website Maintenance Plan Includes all this:
Even Our Basic Security Includes all this:
Basic Malware Scanning
Periodic scans of your site and files to ensure your website stays malware free.
Stop comment and form submission spam before it starts with our multi level SPAM prevention processes.
Brute Force Protection
Limit the number of failed login attempts allowed per user. If someone is trying to guess your password, they’ll get locked out after a few tries. You can even whitelist your own IP, so you’re allowed more login attempts.
File Change Detection
If someone manages to get into your site, they’ll probably add, remove or change a file. Get email alerts showing any file changes so you know if you’ve been hacked.
If a bot is scanning your site for vulnerabilities, it will generate a lot of 404 errors. iThemes Security will lock out that IP after the limit you set (20 errors in 5 minutes by default).
Strong Password Enforcement
Set which level of users on your site (admins, editors, users, etc.) need to have strong passwords. This is one of the best ways to secure your site.
Lock Out Bad Users
Keep bad users away from your site if they have too many failed login attempts, a lot of 404 errors or if they’re on a bot blacklist.
Not making changes to your site 24 hours a day? Make the admin area inaccessible during specific hours so no one else can sneak in.
Full Automated Backups
Schedule backups and have them sent to an off-site storage destination.
Get email notifications when someone gets locked out after too many failed login attempts or when a file on your site has been changed.
Get a quick view of important security stats for your site and easily perform security actions like temporarily whitelisting your IP — without having to navigate to the plugin’s settings.
Online File Comparisons
iThemes Security Pro compares changes made to any WordPress core file on your system with the version on WordPress.org to determine if the change was malicious.
Two-Factor Authentication (Optional)
Add a second line of defense to your website’s password by optionally requiring a second authorization code each time a person logs in.