Implement dual authentication for sub accounts. Use the ithemes security plug-in to enable WordPress two-level authentication for all administrator level accounts. Dual authentication is a process that requires two different authentication methods to confirm personal identity.
Two factor is a free feature of ithemes security plug-in, so please ithemes security and install it on WordPress website. Ithemes secure 3. Check the security log of the website to ensure that the administrator account has an unexpected login. Website security logging is an essential part of WordPress security policy. If logging and monitoring are inadequate, security violation detection may be delayed. The WordPress security log has several benefits for the overall security policy. 1. Identify and stop malicious behavior. Every day, many activities you don’t know happen on your website. Most of these activities may be directly related to site security. This is why logging is important. Track activity to know if hacking or infringement has occurred.
2. Find activities that can warn against violations. Activities such as unrecognized file changes or suspicious user activity may indicate a hacker attack. It is important to know when these activities occurred in order to quickly know whether infringement has occurred. 3. Please assess how much loss has occurred. The WordPress security log allows you to view file changes and user activity that may be related to hacking or violations. Logs provide a tracking function to help hackers insert malicious scripts or change other files on the website to recover the damage caused.
4. Help restore sites attacked by hackers. If your site is hacked, you will need the best information to help you quickly investigate and recover. WordPress security log can show all the changes made by hackers, from guiding the hacker timeline, adding new users to adding unwanted constraint advertisements on the website. Ithemes Security Pro’s word press security log allows you to easily track user activities, such as logging in, creating \/ registering users, adding \/ deleting plug-ins, changing posts \/ pages. 
4. Force password changes on the WordPress security dashboard. You can force password changes for all users on the ithemes Security Pro dashboard. This will require the user to pay close attention and change the password.
5. Activate a trusted device with the function of preventing session overload. The reliable device function of the ithemes Security Pro plug-in is used to identify the devices you and other users use to log in to the WordPress site. After identifying the device, it can prevent session hijackers and other malicious acts from causing harm to the website. If a user logs in to an unrecognized device, you can limit administrator level functionality. In other words, if an attacker may invade the back end of the WordPress site, the website cannot be changed maliciously.
Ithemes Security Pro will also send an email to inform you that someone has logged in to your site from an unknown device. Email contains options to block hacking devices. Then, on the unapproved device, it can be confirmed that an unrecognized login has occurred at the site. Please pay attention to the increase of phishing email. It can be seen from the security disclosure that the disclosure of GoDaddy customer email address may lead to phishing risk. Beware of suspicious emails sent by GoDaddy. Phishing uses email, social media, text messages and phone calls to deceive victims
A network attack method that does not allow the provision of personal information. The attacker then uses this information to access personal accounts or perform identity spoofing.
Confirm the 4 email addresses of the sender that are used to detect phishing emails – if you receive emails from companies such as GoDaddy, the part after \
Obtain the ithemes Security Pro WordPress security plug-in through year-round website security monitoring. Ithemes Security Pro provides more than 50 methods to protect and protect websites from common WordPress security vulnerabilities. You can use WordPress, dual authentication, indifference proxy protection, strong password application, etc. to add a security layer to the website. For plug-in and theme vulnerability detection, site scanner file change, real-time website security control board, WordPress security log, reliable device reCAPTCHA, indifference substitution protection, dual authentication, direct login link permission reporting, password confirmation and denial ithemes security process
