Abstract image of a woman sitting on books and studying on a laptop

Protect Your WordPress Website - Setting Up IThemes Security

Red8 Interactive, profile picture
Red8 Interactive

The document outlines best practices for securing WordPress sites using iThemes Security, including recommendations for access control, maintenance, and global settings. Key security measures include using strong passwords, limiting user access, enabling two-factor authentication, and implementing brute force protection. It also highlights features of iThemes Security Pro, such as password expiration and activity logging for user roles.

Software
Related topics:
Website Security Overview
1 of 38
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
WORDPRESS SECURITY USING
 ITHEMES SECURITY JASON YINGLING | LEAD DEVELOPER RED8 INTERACTIVE | RED8INTERACTIVE.COM @JASON_YINGLING | JASONYINGLING.ME
Page HHAM Hosting Hardening Access Maintenance 2
Page WORDPRESS HOSTING Support for latest software Optimized for running WordPress Malware scanning Work with WordPress 24/7 Backups 3
Page HARDENING Protecting your site from common security risks • Don’t use the ‘admin’ username • Strong passwords • Hide the login area • Brute Force Protection • 404 Protection • Malware scanning 4
Page ACCESS Minimize number of administrators Remove file editing from dashboard Two Factor Authentication 5
Page MAINTENANCE Keep WordPress up to date Keep plugins up to date Remove unused themes and plugins 6
PageProject Name ITHEMES SECURITY 7
Page ITHEMES LANDING PAGE Broken down into high priority, medium priority, and low priority 8
Page GLOBAL SETTINGS Write to wp-config.php Emails for lockout notifications, file change warnings, etc. 9
Page GLOBAL SETTINGS Error messages to display to locked out users 10
Page GLOBAL SETTINGS Enables blacklisting repeat offenders Good idea to switch these up from the defaults 11
Page GLOBAL SETTINGS Enables blacklisting repeat offenders Good idea to switch these up from the defaults 12
Page 404 DETECTION Blocks attacker for scanning for known vulnerabilities 13
Page AWAY MODE Allows for disabling access to the dashboard between certain hours Do you really need to be able to edit 24/7? Taking a vacation 14
Page BANNED USERS Enable HackRepair.com’s blacklist feature Enable Ban Users Permanently bans attackers IPs 15
Page BRUTE FORCE PROTECTION Limit the number of bad login attempts before temporarily locking out the offending host 16
Page BRUTE FORCE PROTECTION Switch it up from the default 4 Max Login Attempts Per Host 9 Max Login Attempts Per User 6 Minutes to Remember Bad Login 17
Page DATABASE BACKUPS Sends a database backup via email or stores on server Plugins • BackupBuddy • BackWPUp • WPmudev Snapshot • VaultPress 18
Page FILE CHANGE DETECTION Allows you to include and exclude specific files that may change often Helpful to see what files were changed if an attack happens 19
Page HIDE LOGIN AREA Change login url from /wp-admin to 
 /something-else Makes it difficult for attacker to find login area Avoid using iThemes default /wplogin 20
Page SSL Requires SSL setup on server Allows you to force SSL for Dashboard 21
Page STRONG PASSWORDS Enables you to force strong passwords for users for certain user roles 22
Page SYSTEM TWEAKS Some of this may be performed by your host Good idea to have on unless you know something conflicts on your site 23
Page WORDPRESS TWEAKS 24
Page WORDPRESS TWEAKS 25
Page WORDPRESS TWEAKS 26
Page ADVANCED SETTINGS Change name of ‘admin’ user Change user with id of 1 27
Page ADVANCED SETTINGS Change WordPress salts 28
Page ADVANCED SETTINGS Change name of wp- content directory Not necessary on most WP specific hosts 29
Page ADVANCED SETTINGS Change database prefix to make your tables harder to find 30
Page ITHEMES SECURITY PRO Allow you to temporarily bump a users access 31
Page ITHEMES SECURITY PRO More password options Password generator on user profile Password expiration Force password change 32
Page ITHEMES SECURITY PRO Use Google’s reCAPTCHA for login, registration, and commenting 33
Page ITHEMES SECURITY PRO Allow users to setup Two Factor Authentication using Google Authenticator app 34
Page ITHEMES SECURITY PRO Log user activities at a certain role such as login, saving content, and more 35
Page LOCKED YOURSELF OUT? Login to your database via phpMyAdmin or a program like Sequel Pro Navigate to the itsec_lockouts table Delete the row with your IP 36
Page LOCKED YOURSELF OUT? Disable plugin via FTP Navigate to /wp-content/plugins Rename the ithemes-security plugin directory 37
Page QUESTIONS? Jason Yingling | Red8 Interactive @jason_yingling http://jasonyingling.me 38

More Related Content

PDF
WordPress Security 101: Practical Techniques & Best Practices
Jonathan Hall
 
PDF
Securing Your WordPress Website - WordCamp Sydney 2012
Vlad Lasky
 
PDF
Make WordPress Fly With Virtual Server Hosting - WordCamp Sydney 2014
Vlad Lasky
 
PPTX
Tips for Fixing a Hacked WordPress Site - WordCamp Sydney 2016
Vlad Lasky
 
PPTX
An example of cms - wordpress
Eunus Hosen
 
PDF
Webinar NETGEAR - Acronis e Netgear, una soluzione concreta per la virtualizz...
Netgear Italia
 
ODP
Securing Your Moodle
moorejon
 
PDF
8 Ways to Hack a WordPress website
SiteGround.com
 
WordPress Security 101: Practical Techniques & Best Practices
Jonathan Hall
 
Securing Your WordPress Website - WordCamp Sydney 2012
Vlad Lasky
 
Make WordPress Fly With Virtual Server Hosting - WordCamp Sydney 2014
Vlad Lasky
 
Tips for Fixing a Hacked WordPress Site - WordCamp Sydney 2016
Vlad Lasky
 
An example of cms - wordpress
Eunus Hosen
 
Webinar NETGEAR - Acronis e Netgear, una soluzione concreta per la virtualizz...
Netgear Italia
 
Securing Your Moodle
moorejon
 
8 Ways to Hack a WordPress website
SiteGround.com
 

What's hot (20)

PDF
10 Steps to Secure Wordpress Sites
Aapna Infotech
 
PDF
WordPress Security
Christina Hawkins
 
PPTX
How to Secure your WordPress Website - WordCamp UK 2014
Primary Image Ltd
 
PDF
Wordpress CMS tutorial and guide manual
Ralph Francis Cue
 
PPT
WordPress MU 101
Pete Mall
 
PDF
Word camp2011 introwordpresssecurity
David Wilemski
 
PPTX
Wordpress security issues
Deepu Thomas
 
PDF
Webinar NETGEAR - Acronis e Netgear, una soluzione concreta per la Virtualizz...
Netgear Italia
 
PDF
moodle on wamp
Soliman ElSaber
 
PDF
Joomla! security jday2015
kriptonium
 
PPTX
Joomla! security jday2015
Shaiffulnizam Mohamad
 
PPT
Installation of wordpress
Yuvaraja Rajenderan
 
PDF
Secure wordpress
Prabesh Thapa
 
ODP
CMS and security / privacy
ImpessCMS
 
PDF
Secure Wordpress - 2016[17May - Mashhad]
HaMiD Fadaei | همیدفدایی
 
PDF
Top Ten WordPress Security Tips for 2012
Brad Williams
 
PPTX
Content Management System(CMS) & Basic WordPress
Shahadat Hossain Manik
 
PPTX
WordCamp Harare 2016 - Site Speed = Success
Anthony Somerset
 
PDF
Browser security — ROOTS
Andre N. Klingsheim
 
PDF
Intro to Wordpress Security
Chris Dodds
 
10 Steps to Secure Wordpress Sites
Aapna Infotech
 
WordPress Security
Christina Hawkins
 
How to Secure your WordPress Website - WordCamp UK 2014
Primary Image Ltd
 
Wordpress CMS tutorial and guide manual
Ralph Francis Cue
 
WordPress MU 101
Pete Mall
 
Word camp2011 introwordpresssecurity
David Wilemski
 
Wordpress security issues
Deepu Thomas
 
Webinar NETGEAR - Acronis e Netgear, una soluzione concreta per la Virtualizz...
Netgear Italia
 
moodle on wamp
Soliman ElSaber
 
Joomla! security jday2015
kriptonium
 
Joomla! security jday2015
Shaiffulnizam Mohamad
 
Installation of wordpress
Yuvaraja Rajenderan
 
Secure wordpress
Prabesh Thapa
 
CMS and security / privacy
ImpessCMS
 
Secure Wordpress - 2016[17May - Mashhad]
HaMiD Fadaei | همیدفدایی
 
Top Ten WordPress Security Tips for 2012
Brad Williams
 
Content Management System(CMS) & Basic WordPress
Shahadat Hossain Manik
 
WordCamp Harare 2016 - Site Speed = Success
Anthony Somerset
 
Browser security — ROOTS
Andre N. Klingsheim
 
Intro to Wordpress Security
Chris Dodds
 
Ad

Viewers also liked (20)

PDF
WordPress Does eCommerce
Tony Cecala, Ph.D.
 
DOCX
Ensayo sobre word
Ramon Ogando
 
PPTX
WordPress und SEO (WordPress Meetup Hamburg)
Phil v. Sassen
 
PDF
SEO Basics for WordPress
Roxana Moolla
 
PPTX
Protect Your Brand
Will Hanke
 
PPTX
Wordpress Ecommerce for Small Business Analysis
Mahmudul Mithun
 
PPT
WordPress como ferramenta essencial para as PME
Pedro Fonseca
 
PPTX
Lady Blogger 2015 Conference
Will Hanke
 
PDF
Performics ces recap_deck
Performics
 
PDF
North Lake Tahoe Tourism Summit - Email Marketing to Travelers
Red8 Interactive
 
PDF
SEO – Technik, Struktur und Inhalt im Einklang
TANNER GmbH
 
PDF
Landing Page Best Practices
Red8 Interactive
 
ODP
Talk WordCamp Porto 2013
Vasco Leiria
 
PDF
Performics CES Recap Deck
Performics
 
PPTX
WordCamp St. Louis 2014 WordPress for beginners by christoph trappe
Christoph Trappe
 
PPTX
Themes that perform short: WordCamp Antwerp 2016
Octavio Andrés Cifuentes
 
PPTX
Embracing Payment Technology to Attract New International Customers
eCommerce Expo Ireland
 
PPTX
The Evolving Role of Product Content
eCommerce Expo Ireland
 
PPTX
Creating Dynamic Sidebars & Widgets in WordPress
Jason Yingling
 
PPTX
(( Lucas lima )) Managing WordPress Projects - STL Meetup August 2015
Lucas Lima
 
WordPress Does eCommerce
Tony Cecala, Ph.D.
 
Ensayo sobre word
Ramon Ogando
 
WordPress und SEO (WordPress Meetup Hamburg)
Phil v. Sassen
 
SEO Basics for WordPress
Roxana Moolla
 
Protect Your Brand
Will Hanke
 
Wordpress Ecommerce for Small Business Analysis
Mahmudul Mithun
 
WordPress como ferramenta essencial para as PME
Pedro Fonseca
 
Lady Blogger 2015 Conference
Will Hanke
 
Performics ces recap_deck
Performics
 
North Lake Tahoe Tourism Summit - Email Marketing to Travelers
Red8 Interactive
 
SEO – Technik, Struktur und Inhalt im Einklang
TANNER GmbH
 
Landing Page Best Practices
Red8 Interactive
 
Talk WordCamp Porto 2013
Vasco Leiria
 
Performics CES Recap Deck
Performics
 
WordCamp St. Louis 2014 WordPress for beginners by christoph trappe
Christoph Trappe
 
Themes that perform short: WordCamp Antwerp 2016
Octavio Andrés Cifuentes
 
Embracing Payment Technology to Attract New International Customers
eCommerce Expo Ireland
 
The Evolving Role of Product Content
eCommerce Expo Ireland
 
Creating Dynamic Sidebars & Widgets in WordPress
Jason Yingling
 
(( Lucas lima )) Managing WordPress Projects - STL Meetup August 2015
Lucas Lima
 
Ad

Similar to Protect Your WordPress Website - Setting Up IThemes Security (20)

PPTX
Ithemes presentation
Jason Yingling
 
PPTX
WordPress Plugins and Security
Think Media Inc.
 
PPTX
WordPress Security Updated - NYC Meetup 2009
Brad Williams
 
PPT
WordPress Security - WordCamp NYC 2009
Brad Williams
 
PPT
WordPress Security - WordCamp Boston 2010
Brad Williams
 
PDF
ResellerClub Ctrl+F5 - WordPress Security session
Pratik Jagdishwala
 
PDF
WordPress Security is like a HHAM Sandwich
Red8 Interactive
 
PDF
Types of Security Threats WordPress Websites Face: Part-1
WPWhiteBoard
 
PPTX
Protect Your WordPress From The Inside Out
SiteGround.com
 
KEY
Securing WordPress by Jeff Hoffman
Jeff Hoffman
 
PPTX
WordPress Security - WordPress Meetup Copenhagen 2013
Thor Kristiansen
 
PPT
WordPress Security
Brad Williams
 
PPTX
Word press security
Jigar Pandya
 
PPT
Now That's What I Call WordPress Security 2010
Brad Williams
 
PDF
WordPress Security - 12 WordPress Security Fundamentals
findingsimple
 
PPTX
Security Function
Samuel Soon
 
PPT
Secure All The Things!
Dougal Campbell
 
PPTX
WordPress End-User Security
Dre Armeda
 
PDF
Word press beirut 9th meetup march
Fadi Nicolas Zahhar
 
PDF
WordCamp Mid-Atlantic WordPress Security
Brad Williams
 
Ithemes presentation
Jason Yingling
 
WordPress Plugins and Security
Think Media Inc.
 
WordPress Security Updated - NYC Meetup 2009
Brad Williams
 
WordPress Security - WordCamp NYC 2009
Brad Williams
 
WordPress Security - WordCamp Boston 2010
Brad Williams
 
ResellerClub Ctrl+F5 - WordPress Security session
Pratik Jagdishwala
 
WordPress Security is like a HHAM Sandwich
Red8 Interactive
 
Types of Security Threats WordPress Websites Face: Part-1
WPWhiteBoard
 
Protect Your WordPress From The Inside Out
SiteGround.com
 
Securing WordPress by Jeff Hoffman
Jeff Hoffman
 
WordPress Security - WordPress Meetup Copenhagen 2013
Thor Kristiansen
 
WordPress Security
Brad Williams
 
Word press security
Jigar Pandya
 
Now That's What I Call WordPress Security 2010
Brad Williams
 
WordPress Security - 12 WordPress Security Fundamentals
findingsimple
 
Security Function
Samuel Soon
 
Secure All The Things!
Dougal Campbell
 
WordPress End-User Security
Dre Armeda
 
Word press beirut 9th meetup march
Fadi Nicolas Zahhar
 
WordCamp Mid-Atlantic WordPress Security
Brad Williams
 

Recently uploaded (20)

PDF
What Makes a Great Data Visualization Consulting Service.pdf
Dreamer Technoland
 
PDF
MiniTool Power Data Recovery 12.6 Crack + Portable (Latest Version 2025)
imang66g
 
PPTX
Swiggy API Scraping A Comprehensive Guide on Data Sets and Applications.pptx
FoodData Scrape
 
PDF
IT Consulting Services to Secure Future Growth
Shiv Technolabs Pvt. Ltd.
 
PDF
Cloud Native Aachen Meetup - Aug 21, 2025
roehlclemens
 
PPTX
A Spider Diagram, also known as a Radial Diagram or Mind Map.
ycjb74thk6
 
PDF
MAGIX Sound Forge Pro CrackSerial Key Keygen
captanhook047
 
PPTX
Plex Media Server 1.28.2.6151 With Crac5 2022 Free .
cariaelif911
 
PPTX
Lecture 5 Software Requirement Engineering
Huda Nasir
 
PPTX
Human Computer Interaction lecture Chapter 2.pptx
ubaidzafar2
 
PDF
Sanket Mhaiskar Resume - Senior Software Engineer (Backend, AI)
Sanket Mhaiskar
 
PPTX
HackYourBrain__UtrechtJUG__11092025.pptx
SimonedeGijt
 
PDF
Odoo Construction Management System by CandidRoot
CandidRoot Solutions Private Limited
 
PDF
Ragic Data Security Overview: Certifications, Compliance, and Network Safegua...
Ragic
 
PPTX
Viber For Windows 25.7.1 Crack + Serial Keygen
captanhook047
 
PPTX
ESDS_SAP Application Cloud Offerings.pptx
AAlam20
 
PDF
Mobile App for Guard Tour and Reporting.pdf
ecomme9
 
PDF
Coding with GPT-5- What’s New in GPT 5 That Benefits Developers.pdf
DianApps Technologies
 
PPT
3.Software Design for software engineering
anant5150ca6
 
PDF
infoteam HELLAS company profile 2025 presentation
alexispapadimitriou
 
What Makes a Great Data Visualization Consulting Service.pdf
Dreamer Technoland
 
MiniTool Power Data Recovery 12.6 Crack + Portable (Latest Version 2025)
imang66g
 
Swiggy API Scraping A Comprehensive Guide on Data Sets and Applications.pptx
FoodData Scrape
 
IT Consulting Services to Secure Future Growth
Shiv Technolabs Pvt. Ltd.
 
Cloud Native Aachen Meetup - Aug 21, 2025
roehlclemens
 
A Spider Diagram, also known as a Radial Diagram or Mind Map.
ycjb74thk6
 
MAGIX Sound Forge Pro CrackSerial Key Keygen
captanhook047
 
Plex Media Server 1.28.2.6151 With Crac5 2022 Free .
cariaelif911
 
Lecture 5 Software Requirement Engineering
Huda Nasir
 
Human Computer Interaction lecture Chapter 2.pptx
ubaidzafar2
 
Sanket Mhaiskar Resume - Senior Software Engineer (Backend, AI)
Sanket Mhaiskar
 
HackYourBrain__UtrechtJUG__11092025.pptx
SimonedeGijt
 
Odoo Construction Management System by CandidRoot
CandidRoot Solutions Private Limited
 
Ragic Data Security Overview: Certifications, Compliance, and Network Safegua...
Ragic
 
Viber For Windows 25.7.1 Crack + Serial Keygen
captanhook047
 
ESDS_SAP Application Cloud Offerings.pptx
AAlam20
 
Mobile App for Guard Tour and Reporting.pdf
ecomme9
 
Coding with GPT-5- What’s New in GPT 5 That Benefits Developers.pdf
DianApps Technologies
 
3.Software Design for software engineering
anant5150ca6
 
infoteam HELLAS company profile 2025 presentation
alexispapadimitriou
 

Protect Your WordPress Website - Setting Up IThemes Security