There is no doubt that you spend a lot of time and money on the website. You are satisfied with the final result, of course. It is easy to see why most people choose additional security measures to protect what they are trying to create. Finding reliable security plug-ins may actually seem easy, but it may be difficult. After all, inner peace and security are in the hands of others, so it is important to take time to test available projects and determine whether they are in line with your website and technical level. Ithemes security (formerly better WP security) is one of the top WordPress security plug-ins. Although there are many loyal supporters, how well does it actually work in protecting the website and users? The
Create this comment to help determine and decide if ithemes security is right for you. Ithemes plug-in review of WordPress website security androg ithemes security review better WP security plug-in was acquired by ithemes Media LLC on March 25, 2014 and restarted with ithemes security. Chris Wiegman is the original developer of the plug-in. During the transition period, he worked closely with ithemes’ employees and CEO Cory Miller. At that time, Miller was a fan of better WP security. He said that he used it to lock his personal website. The
Cory started his career as a journalist. In 2008, he decided to work full-time in his career. As a result, he became ithemes media, one of the fastest-growing companies in Oklahoma City in 2011. Miller is the author of three non fiction themes and co-author of WordPress all in one for Dummies. He also co founded the div in Oklahoma, which focuses on innovation, creativity and education. Ithemes media currently has 19 employees, including developers, technical support and professors. As the iTheme website claims, they like to create tools that help create great websites. \
Recently, 60000 users affected by security threats were found that a server of ithemes was hacked on September 23, 2014. Cory quickly announced security violations and was particularly honest about what happened. For security reasons, it is very important to encrypt the password. In the initial release, he urged users to reset the password displayed in plain text and provide other information, such as full name, user name, e-mail and IP address. Fortunately, ithemes uses a third-party payment system, so it cannot access payment information. The
About 60000 users’ information was leaked, which was fully proved by the second release. Cory admitted that the member software used by the company since 2009 uses plain text to store passwords. Even if the company is aware of the security problem, it fails to modify it in time. The problem is how user information is stored. Unencrypted and unprotected. When the server is compromised, hackers can access readable user information. The basic principle of online security is to store information online without encryption. In addition, ithemes stopped saving user information as plain text, so it didn’t fix the problem immediately. But they reset the passwords of all affected users. I’m not sure whether the hacker saved this information, but I do have access. The
Further summary: a server of ithemes media was attacked by hackers, and the company has been responsible for security defects within 5 years
I have access to user information, although it is. After recognizing the safety violation, they were very clear about the situation and immediately released it, but did not immediately solve the fundamental problem. For companies selling security plug-ins – not to mention the free version being studied here – recent violations have made anyone cautious about using the product. After his second update, Cory said that other updates would be provided \
All information has now been deleted. Now let’s review the free version of ithemes security. How much is the charge? Basically, this sucker is completely free. You can use all the security features you need without paying. This in itself deserves attention. Rarely encounter plug-ins that contain features that advanced plug-ins can find. Many free versions of advanced plug-ins lack major features and are almost useless. This is not that type of plug-in. If you want to purchase themes Security Pro license, the price is: The
2 licenses – $80 per year 10 licenses – $100 per year unlimited license – $150 per year unlimited license and 20 ithemes plug-ins (and growing) – purchase the backupbuddy plug-in fully integrated with ithemes security for $247 per year, and you can purchase additional subscriptions. The backupbuddy plug-in backs up all files, including the database. Backups will be ed directly to their own storage devices to ensure secure storage. It also describes how to provide seamless backup during site migration. The
If you are only satisfied with backing up the database, you can use the free version of ithemes security. The free plug-in provides a variety of functions and options. What will you get? The free version of ithemes security provides access to various functions (listed below). If you choose to purchase ithemes Security Pro, a single site can use one license. High end products include automatic updates and ticket support during the license period, as well as various additional features. The free plug-in includes many excellent and necessary functions, such as malware checking, common back-end malicious exploitation, undifferentiated intrusion attacks and protection of comment spam. It includes the IP shielding (or white list) function. The shielding function of each country \/ region will be updated in the future. The
The complete function list is as follows: Undifferentiated intrusion protection hidden strong password execution login and management page security report file change detection users with too many failed login attempts or 404 errors. The file change detection setting cannot access the administrator (if on leave) WordPress within one hour; Delete jQuery version and other hidden header metadata users’ update notification default \
How is justice in the world? The
How does it work? When installing the plug-in for the first time, you will get a free API key and select several default options to prompt the user to \
Provided. One of the features I really appreciate is the ability to add IP addresses to the white list. With this feature, you don’t have to worry about locking in the administrator area. In addition, it is worth noting that ithemes will not provide support if hackers attack. If there is a full backup of the site (such as the advanced backupbuddy plug-in) or not, we expect to use a third-party service to restore the site. In this case, this plug-in is only useful for preventive measures and cannot rely on full protection. Despite the limitations, most people succeed with this plug-in. The positive comments of WordPress plugins repository can prove this. The final result is indisputable. By default, you can easily set the plug-in outside the box. As the name suggests, just click a few times. You don’t have to fiddle with other settings, but this adds an extra layer of protection, so there is a win-win situation. Complete the plug-in setting in 45.28 seconds. This includes installing and activating operations before the initial setup is complete. Yes, I actually arranged the time. I am really handsome. Admittedly, I don’t think ithemes can basically provide a more relaxed user experience. The only way to break this initial setting is not to do it at all. Trustworthy, which makes the situation a little more complicated. The plug-in protects the site very well, but recent security violations have raised several very important issues. If ithemes recognizes the problems that may threaten the security of its website within a period of time (actually 5 years) and decides not to take any measures, it will not talk about quality assurance. If they can’t protect their website, how can you be sure that they will protect your website? It seems too simplistic, but it is not. As described in this review, one of the servers was hacked because it failed to fix a very basic security flaw. Encrypting user information without saving it as plain text is the first step in protecting information online. When they provide online security services themselves, if they fail to comply with the most basic online security principles, they will question the integrity of the service. After all, if they fall into those basic mistakes, what else? I’m not suggesting that ithemes aim at infringing information. But they have ignored this problem for years. Cory took full responsibility for the accident and was completely honest about the problem in a timely manner, which is really commendable. But what happens will not change. The information is corrupted and completely preventable. Ultimately, to increase the value of this service, you must focus on security and personal information. I don’t think a plug-in or service is worth losing personal information or information. If you are not interested, you can enjoy the beautiful plug-ins. From the perspective of resource consumption \/ speed, the plug-in is quite light and fast, and does not need too many resources. Instead, to use advanced features, you must ensure that there is a large amount of ram and CPU available. Speed is not affected, but resources are affected. The advanced function \
, detect file changes, change the database prefix, and change the content directory. To use these features, you need a lot of available resources and regularly back up your site. In general, we find that strict use of the plug-in requires at least 1 GB of ram. There are many plug-ins, but the security of the site is very important and worth considering. It is worth mentioning that if you want to use functions that are slightly burdensome to resources, you must ensure that you have enough ram. By default, the last idea is that this free plug-in works very well, and there are few recent problems at the basic user level. The plug-in also has sufficient functionality to protect users from most threats. In addition to installing this plug-in, the only thing you need to care about is to avoid being troubled by phishing scams. You. The ithemes team was unable to stop the time reversal to avoid security violations in September. However, in fact, user data was exposed not only to hackers, but also to ithemes’ own security flaws. Therefore, it is recommended that you use the plug-in carefully. If you have any questions, please contact ithemes. Nevertheless, there are many loyal supporters of the ithemes security plug-in. It is not difficult for excited customers to understand many reasons. Back up your site, as they often suggest. Image credit: ithemes Media LLC and Intel free press. A good plug-in can be used for free and completed by itself (without extension). Easy to use, plug-in settings and external have clear instructions. Protect the plug-ins from malicious intrusion and backdoor vulnerabilities, including malware inspection. The plug-ins will be continuously updated and new security features will be added regularly. Plug ins compatible with word press multi site advanced features, such as changing the directory of sensitive files and renaming the database prefix, can easily damage the site even if SSL is not enabled. Because scanning takes a lot of resources, the plug-in is not built for a shared managed platform. For sites invaded by hackers, the only solution is to restore. Does not provide complete protection of the site, such as partial spam protection. The ithemes server was recently hacked. Our summary learning curve \/ ease of use: features: outside the box: reliable: resource consumption \/ speed: Overall: website access label: word press security
