Recently, the team at iThemes updated their renowned Better WP Security plugin to include some intuitive security features. They even changed the name, it's now known as “iThemes Security Pro“. Read our recent review here.
1. Right off the bat, you can see exactly what priority security rules should be configured
Why skate from configuration to configuration when you can just get a list of the things you should set up in a prioritized, organized manner? I'd rather not scroll through pages and pages of options and tick a bunch of boxes without knowing what they do or why I should have them enabled/disabled. With this dashboard, setting up iThemes Security Pro on your WordPress site is a breeze.
2. PHP execution in your “Uploads” folder
As WordPress security specialists, we've seen more and more issues with plugin “upload” features. Some of the plugins may even allow PHP POST uploads to your “wp-content/uploads” folder. With time, some of these plugins are not maintained nor updated and they become a liability. If a hacker can exploit one or more of your plugins with an upload feature, they could get a PHP file with malicious code injected and run it. With this feature enabled, they will be unable to run that script. Problem solved.
3. Hide your backend!
One of the coolest features that has just gotten better and better over time is the option to hide the WordPress administration panel under a different alias. The first thing a lot of hacker bots do is look for that wp-login or wp-admin area of your site and they try to brute-force with the “admin” username (so change that as well in the plugin).
4. jQuery version safety
5. iThemes is dedicated to keeping it maintained and adding new features
The team at iThemes is a highly dedicated and intelligent group. They have been working non-stop for the last few months on this upgrade. iThemes has a lot to show for their efforts in the way of newer and improved features for keeping WordPress safe from hackers. In a recent webinar with Chris Wiegman, he revealed that there will be WAY more coming – including a premium version of the plugin loaded with additional features, such as 2-factor authentication and malware detection.
In the way of caveats, there have been numerous (1, 2, 3, 4) reports on the WordPress forums and on some individual blogs of people who have had issues with the upgrade process, including white screens of death (WSOD), users locking themselves out, and more. However the team at iThemes has really been on top of the bugs lately. So we certainly recommend upgrading.