Solid Security – Password, Two Factor Authentication, and Brute Force Protection

Verminder je WordPress site’s risico tot bijna nul met Solid Security

Formerly iThemes Security. Looking for iThemes? Learn more here.

On average, 30,000 websites are hacked every day.* Cyberattacks in the US increased by 57% in 2022.** Bad actors who want to hack your site, steal your data, and cripple your business are a 24/7/365 threat.

You need a proactive, strategic approach to WordPress website security that protects your site from brute force attacks, malware infections, and other cyber threats.

Solid Security shields your site from cyberattacks and prevents security vulnerabilities. It automatically locks out bad users identified by our Brute Force Protection Network that is nearly 1 million sites strong and leverages your own blacklist. It secures and protects your most commonly attacked part of your WordPress website – user login authentication.

Patchstack integratie (Pro) beschermt je site voordat je zelf de kans krijgt om kwetsbaarheden aan te pakken en zelfs voordat een plugin of thema verkoper of ontwikkelaar een patch kan uitsturen.

Dat is 24/7/365 altijd actieve werkelijk Solid Security.

🌐 Beveilig je site in enkele minuten

The Solid Security setup and onboarding experience allows anyone to secure their WordPress website in under 10 minutes, regardless of technical acumen. Knowing that you have enabled all the right security settings for your website will leave you feeling like your site has never been more secure.

📚 Security Site Templates to Fit Your Type of Site

Enabling the correct security settings based on the type of website you are building or maintaining is essential for proper security. An eCommerce site requires a different level of security than a basic blog. Solid Security Site Templates make it quick and easy to apply the right security settings for your website.

Choose from six different site templates to apply the type of security your site needs:

1. Ecommerce – websites that sell products or services
2. Network – websites that connect people or communities
3. Non-Profit – websites that promote your cause and collect donations
4. Blog – websites that share your thoughts or start a conversation
5. Portfolio – websites that showcase your craft
6. Brochure – simple websites that promote your business

⌚ Real-Time Website Security Dashboard

Every day, lots of activity is happening on your website that you can’t see. Many of these activities can be related to your site’s security, so monitoring these events is vital to keeping your site secure.

De Solid Security Pro plugin voorziet een realtime WordPress security dashboard dat toezicht houdt op security gerelateerde events van je site de klok rond. De Solid Security Dashboard is een dynamisch dashboard met al je WordPress site’s security activiteit’s statistieken op één plaats waaronder: brute force aanvallen, verbannen gebruikers, actieve uitsluitingen, site scan resultaten en gebruiker security statistieken (Pro).

🗝️ WordPress login beveiliging

Opstellen en behouden van correcte WordPress configuraties en beheren van toegang tot gebruikers accounts zijn essentiële aspecten om je site te versterken tegen bedreigingen en kwetsbaarheden. Basic en Pro bevatten functies die beide van deze factoren aanpakken.

• Two Factor Authentication (2FA) – Make your WordPress login nearly impenetrable to attack by requiring users to enter a security code along with a password to login. The Solid Security plugin allows you to add two-factor authentication to your WordPress login with several authentication methods, including mobile apps like Authy and Google Authenticator, email, and backup codes.

• Password Requirements – Create and enforce a password policy for your users in less than a minute.

• reCAPTCHA (Pro) – Stop bad bots from engaging in abusive activities on your website, such as attempting to break into your website using compromised passwords, posting spam, or even scraping your content.

• Passwordless Logins (Pro) – WordPress security made easy. Secure your user accounts with 2fa & strong passwords while allowing real users login with a click of a mouse.

• Trusted Devices (Pro) – Identify the devices you and other users use to block session hijacking attacks and limit Administrator privileges to Trusted Devices.

• Automatische kwetsbaarheid patchen (Pro) – Solid Security Pro bevat Patchstack die kwetsbaarheden patcht voordat je zelf de kans ervoor krijgt en past correcties toe zelfs voordat een plugin ontwikkelaar of verkoper een patch uitstuurt.

Lees meer over hoe passwordless login de toekomst is en hoe Solid Security jou vandaag kan helpen met de implementatie ervan.

👨‍👩‍👧‍👦 The Right Amount of Security for Every User Level

Verschillende typen gebruikersniveaus vereisen verschillende beveiligingsniveaus. Tijdens het Solid Security installatieproces kun je de belangrijkste gebruikersgroepen van je site identificeren. Zodra de verschillende soorten gebruikers zijn geïdentificeerd, kun je het beveiligingsniveau toepassen dat precies geschikt is voor elke gebruikersgroep.

Hier zijn een aantal voorbeelden van hoe gebruikersgroepen nuttig zijn voor het beveiligen van je site:

• For Clients – Let’s say you are configuring Solid Security on a client’s website. You will decide whether or not they are required to use two-factor authentication and if they should have access to the Solid Security settings.

• For Customers – If you have an eCommerce website, you will decide whether or not you want to protect customer accounts with a password policy.

Machtiging verhoging (Pro) voegt ook een veilige manier toe om tijdelijke toegang op beheerdersniveau tot je site te verlenen.

🤖 Block Bad Bots & Ban User Agents with Lockouts

• Ban Users (Basic and Pro) – Permanently block repeat offenders from accessing your site. Local Brute Force Protection – Automatically identify and stop the most common method of attack on WordPress sites.

• Lokale Brute Force bescherming (Basic en Pro) – Identificeert en stopt de meest voorkomend aanvalsmethoden voor WordPress sites automatisch.

• Network Brute Force Protection (Basic and Pro) – The network is the Solid Security community and is nearly one million websites strong. If someone tries to break into websites in the Solid Security community, Solid Security will block them across the network.

• Magic Links (Pro) – Security shouldn’t get in your way. Magic Links allow you to log in to your WordPress site while your username is locked out by the Solid Security Local Brute Force Protection feature.

🔍 Monitor Your Site’s Security Health

• File Change Detection (Basic and Pro) – Solid Security logs changes made to your website that can help detect malicious activity on your website.

• Site Scanner (Basic and Pro) – Enable twice-daily checks for known vulnerabilities of WordPress core file, plugins and themes. Using the Google Safe Browsing API, the Site Scan also checks your Google’s blocklist status and will alert you if Google has found any malware on your website.

• Site scanner (Pro) – Ontgrendel Versiebeheer om een patch automatisch toe te passen voor kwetsbare software gedetecteerd door de Site scan wanneer er één beschikbaar is.

• User Logging (Pro) – Keep a record of user activity in your WordPress security logs, including login/logout, user registration, adding/removing plugins, switching themes, changes to posts and pages, and more.

• Version Management (Pro) – The Version Management feature in Solid Security Pro allows you to auto-update WordPress, plugins, and themes. Beyond that, Version Management also has options to harden your website when you are running outdated software and scan for old websites.

🛠️ Site beveiliging hulpprogramma’s

• Enforce SSL – Force all connections to the website to be made over SSL/TLS.

• Database Backups – Create backups of your WordPress database. (Not a complete backup.)

• Geolocation (Pro) – Improve Trusted Devices by connecting to an external location or mapping API.

🚀 Geavanceerd beveiliging gereedschap

• Identify Server IPs – Prevent issues caused by inadvertently locking out your server IPs.
• Change User ID 1 – Change the user ID for the first WordPress user, potentially preventing attacks that assume the user with ID1 exists and is an administrator.
• Change Database Prefix – Change the database prefix that WordPress uses, potentially preventing attacks that assume the database prefix is “wp_”.
• Check File Permission – See the file and directory permissions of key areas of your site.
• Server Config Rules – View or flush the server security rules generated by Solid Security.
• wp-config.php Rules – View or flush the wp-config.php security rules generated by Solid Security.
• Change WordPress Salts – Secure your site after a successful attack by changing the WordPress salts used to secure cookies and security tokens.
• Hide Login URL – change the login URL of your site, making it harder for bots to find your login page and attack it.

🛟 Hulp nodig?

Gratis ondersteuning is beschikbaar met de community’s hulp in de WordPress.org support forums. Ons Solid Security support team voorziet daar de beste technische ondersteuning voor al onze Solid Security Basic gebruikers.

Ons Help Centrum zal je helpen een iThemes Security expert te worden.

Krijg extra gemoedsrust met professionele ondersteuning van ons team van experten en til je site’s beveiliging naar een hoger niveau met de pro functies van Solid Security Pro.

Herstel van een gehackte site

Solid Security makes regular backups of your WordPress database, allowing you to get back online quickly in the event of a hack or security breach. Use Solid Security to create and email database backups on a customizable schedule.

Voor volledige site back-ups en de mogelijkheid om WordPress terug te zetten of verplaatsen naar een nieuwe host of domein, check uit Solid Backups.

Solid Central Integration

Beheer van meer dan één WordPress site? Uitsluiting opheffen en hou je thema’s, plugins en WordPress core up to date vanuit één dashboard met Solid Central.

*Zippia. “30 Cruciale Cybersecurity Statistieken[2023]: Data, Trends En Meer” Zippia.com. Jun. 15, 2023, https://www.zippia.com/advice/cybersecurity-statistics/

**https://blog.checkpoint.com/2023/01/05/38-increase-in-2022-global-cyberattacks/

Licentie

Uitgebracht onder de voorwaarden van de GNU General Public License.