Defender Security – Malware Scanner, Login Security & Firewall

Omschrijving

Defender adds the best in WordPress security plugin to your website with just a few clicks. Stop brute force attacks, SQL injections, cross-site scripting XSS, and other WordPress vulnerabilities and hacks with Defender malware scans, antivirus scans, IP blocking, firewall, activity log, security log, and two-factor authentication login security.

No longer do you have to go through hideously complex settings and get a virtual PhD in security. Defender adds all the hardening and security tweaks you need.

Security Tweaks

Defender starts with a list of one-click hardening techniques that will instantly add layers of protection to your site.

Block hackers at every level:

  • Two-factor authentication – passwords and mobile app verification codes
  • Login masking – change the location of WordPress’s default login area
  • Login lockout – failed login attempts lockout
  • 404 Detection – automated block of bot IPs
  • Geolocation IP lockout – block users based on location and country (IP blocking)
  • WordPress Security Firewall – block or allowlist IPs
  • Disable trackbacks and pingbacks – spam prevention
  • Core and server update recommendations – stay on top of your system
  • Disable file editor – if they get in, they won’t get far
  • Hide error reporting – don’t reveal your issues
  • Update security keys – reset on-demand
  • Prevent information disclosure – why tell them what you have
  • Prevent PHP execution – because it’s daaaangerous

Learn The Ropes With These Hands-On Defender Tutorials

WordPress Security Scans

Run free malware scans that check WordPress for suspicious code and malware. The Defender scan tool compares your WordPress install with the master copy in WP directory, reports changes and lets you restore the original file with a click.

Google 2-step Verification

Now you can easily join the millions of users that make their accounts safer with Google 2-Step Verification. Activate two-factor authentication and protect your account with both your password and your phone.

Firewall and IP Manager

Keep your site safe with Defender’s IP manager and firewall. Manually block specific IPs, import a list of banned IPs and set automated timed and permanent lockouts. Defender makes it easy to block and unblock specific locations quickly thanks to its advanced firewall (WAF).

Login Protection

Brute force attacks are no match for Defender. Limit login attempts to stop users trying to guess passwords. Permanently ban IPs or trigger a timed lockout after a set number of failed login attempts.

Login Screen Masking

Defender makes it easy to move your login screen to a custom URL. Not only does login screen masking improve security, but it also lets you white label your login user experience and improves branding.

404 Limiter

Defender detects when bots are being used to scan your site for vulnerabilities and shuts them down. The 404 limiter lets you stop the scan by detecting when a bot keeps visiting pages that do not exist, which can also save you from a giant strain on your site’s performance.

Notifications and Reports

Defender runs surveillance and sends notifications with information that matters.

What Do People Say About Defender?

★★★★★
“I found other pro security plugins a bit too fiddly for my taste…I’m delighted with Defender” – KeithADV

★★★★★
“Thank you for bringing back a free and easy to use 2-Factor Authentication after Clef! Defender helps keep me aware of my sites security.” – awijasa

★★★★★
“Defender’s interface is very intuitive with warnings that are very helpful” – djohns

★★★★★
“Defender Recently blocked over 3000 attacks in one week without any noticeable impact on the website. WPMUDEV knocking it out of the park on this one.” – David Oswald

Secure Websites, More Trust, Better Profit

Your visitors expect a super-safe extra secure website when deciding whether or not to make a purchase or submit information. If visitors don’t trust your site, they will leave without completing a transaction.

If you’re running a business website or eCommerce store privacy, security, uptime and trust are essential.

Defender is here to help you: it’s a one of a kind WordPress security plugin that makes web security easy for anyone, for free!

  • Google 2-Step Verification
  • One-click site hardening and security tweaking
  • WordPress core file scanning and repair
  • Login Screen Masking
  • IP Blocklist manager and logging
  • Unlimited file scans
  • Timed Lockout brute force attack shield for login protection
  • 404 limiter for blocking vulnerability scans
  • IP lockout notifications and reports

Defender is built to make security simple: it makes your WordPress site harder to hack and it’s insanely easy to set up. Run a scan and implement recommended changes in one-click, for added security in mere minutes.

All the above is free and will secure WordPress for you. If you need extra security for your WordPress site, you should get WPMU DEV Membership.

Our Membership gives you access to Defender Pro – which features automated scanning, scheduled malware scans for Core, themes, plugins and other files, audit logs, Blocklist monitoring – alongside Snapshot Pro cloud backups, the Hub with automated plugin, theme and core updates and safe-upgrade scans, all our premium WordPress plugins, 24/7 WordPress support and if your sites already been hacked our team of security experts will clean it up at no additional cost.

It’s an incredible deal, and you can find out more here.

A Note From Defender

Hey! This is Defender, your trusted solution for WordPress security and hack prevention. I’m part of the WPMU DEV team, a superhero-suite of WordPress plugins, services, and support. Here are some of our other free plugins:

  • Smush – Image Compression and Optimization
  • Forminator – Form, Quiz, Poll and Survey Builder
  • Hummingbird – Page Speed Optimization
  • Hustle – Pop-ups, Slide-ins and Email Opt-ins
  • SmartCrawl – SEO checker, Analyzer and Optimizer

And if you need ALL our Pro plugins AND 24/7 WordPress support, get WPMU DEV membership! You can try it free for 30 days: premium.wpmudev.org

My superhero friends run the WPMU DEV Blog, your source for the very best WordPress tutorials. If you need to be in the know about WordPress, check it out.

Thanks for looking at Defender, and I look forward to hardening your site and making it safer than ever.

Enjoy, The Defender

About Us

WPMU DEV is a premium supplier of quality WordPress plugins and themes. For premium support with any WordPress related issues you can join us here:
https://premium.wpmudev.org/

Don’t forget to stay up to date on everything WordPress from the Internet’s number one resource:
[WPMU DEV Blog(https://premium.wpmudev.org/?utm_source=wordpress.org&utm_medium=readme&utm_campaign=defender-readme&utm_content=wpmu_dev_blog_link)

Hey, one more thing… we hope you enjoy our free offerings as much as we’ve loved making them for you!

Schermafdrukken

  • Malware scans and one-click hardening recommendations.
  • Layered security tweaks let your harden your site with a few clicks.
  • Compares your WordPress install with the directory and restore original files with a click.
  • Use 2-Step Verification to protect your accounts with your phone.
  • IP blocklisting, 404 limiter and Timed Lockout attack shield.

Installatie

  1. Upload the wp-defender plugin to your /wp-content/plugins/ directory.
  2. Activate the plugin through the ‘Plugins’ menu in WordPress.
  3. Configure and manage using the defender menu item in the WordPress dashboard.
  4. Done!

FAQ

Why should I choose Defender over other security plugins?

Defender is built to add all the best hardening and security tweaks used by the pros without having to become a security expert. This means you get all the most effective and proven protection methods other services provide with fewer settings, on-click hardening and faster setup.

Is Defender the only step I need to take in securing my WordPress site?

Hackers and bot attacks are not the only threat to your site. No matter what security plugin or service you use, always be prepared with a secure backup stored in a safe location away from your live site. Security does not protect from hosting outages, server errors and accidentally lost or damaged data. We recommend Snapshot. Defender with scheduled managed backups is the best way to keep your site safe.

Help! I was already hacked. What should I do?

WPMU DEV’s expert support will restore and clean up your site after it’s been hacked for free with a 30 day trial of Defender Pro. If you have a backup, we’ll minimize your downtime by activating the most recent clean version of your site. Our experts will then scan your site with Defender to find and fix known vulnerabilities, permanently remove the malicious code and set up his firewall of cyber muscle.

Beoordelingen

26 januari 2021
necessary item to protect website, can't beat the price, appreciate all your hard work.
26 januari 2021
Great plugin finds it very useful especially with the others by the same developer.
26 januari 2021
So far I've been very happy with this plugin, lots of solid functionalities to improve one's WordPress website security. Been using it for roughly a month and I'm seriously considering upgrading to a premium plan in order to get the full package. This is not to say the plugin is absolutely perfect, as it has its bits and bobs (e.g.: 2-step verification always forces me to login and enter the security code twice), but still, I haven't come across a better plugin than this - especially considering that even its free features are already such a great improvement to one's website.
Lees alle 90 beoordelingen

Bijdragers & ontwikkelaars

“Defender Security – Malware Scanner, Login Security & Firewall” is open source software. De volgende personen hebben bijgedragen aan deze plugin.

Bijdragers

“Defender Security – Malware Scanner, Login Security & Firewall” is vertaald in 14 talen. Dank voor de vertalers voor hun bijdragen.

Vertaal “Defender Security – Malware Scanner, Login Security & Firewall” naar jouw taal.

Interesse in ontwikkeling?

Bekijk de code, haal de SVN repository op, of abonneer je op het ontwikkellog via RSS.

Changelog

2.4.5 ( 2020-12-17 )

  • New: Add pagination option for IP lockout logs
  • Enhance: Display Blocklist Monitor in the config structure
  • Fix: Malware Scanning marks own files as suspicious
  • Fix: The IP 127.0.0.1 shows as blocked
  • Fix: Display Notifications in the Hub
  • Fix: File Scan display issue in MS Edge
  • Fix: Hero Image overlaps in Preset Configs
  • Fix: Redirect Url UI needs improvement on Choose redirect page
  • Fix: Display MaxMind link

2.4.4 ( 2020-12-07 )

  • Enhance: Change text to ‘Security Issue(s)’ in the dashboard widget
  • Enhance: Compatibility with WordPress 5.6
  • Fix: Hub synchronization with Defender
  • Fix: Suspicious code found in WPMU DEV plugins
  • Fix: PHP warnings and notices for Firewall and Scan modules
  • Fix: wp_login_form() not working with Masked Login
  • Fix: Chinese URL shows two-digit hexadecimal numbers
  • Fix: IP’s text goes outside the box in Firewall Logs after bulk action
  • Fix: Deactivate button not working first time if there is nothing in Choose redirect page URL in Mask Login Area
  • Fix: Update text in Security Recommendations Report
  • Fix: Typo in Security Recommendations ‘Prevent user enumeration’, ‘Update old security keys’, ‘Manage Login Duration’
  • Fix: While Activating/Deactivating Firewall module, it shows the same message notification
  • Fix: Enabling of Prevent Information Disclosure for Apache server

2.4.3 ( 2020-11-27 )

  • Fix: Masked Login Area not working in some cases
  • Fix: Hub redirect to 404 page when Masked Login Area enabled

2.4.2 ( 2020-11-25 )

  • Fix: Fatal version on WordPress 5.2 and earlier

2.4.0 ( 2020-11-24 )

  • New: Notifications section – centralized manager for all notifications and reports
  • New: Onboarding which will replace the old quick setup and enable everything that is recommended
  • New: New: Bulk behavior for Security Recommendations – resolve/ignore almost everything with a single click
  • New: Improving Security Recommendations UI/UX
  • New: 2FA with Authy and Microsoft Authenticator
  • New: Highlight new features in welcome modal
  • Enhance: Better UI/UX and performance for Malware Scanning
  • Fix: The Audit Logging widget on the dashboard doesn’t show the correct report status
  • Fix: The custom message in Login Lockout doesn’t apply when an IP is banned by using a banned username
  • Fix: Conflict with WP Fastest Cache makes revert buttons show incorrectly
  • Fix: Warning with PHP 7.2.x
  • Fix: The username search in Audit Logging doesn’t work

2.3.2 ( 2020-09-14 )

  • New: Add a separate Tutorials sub-menu and X-icon to remove it from the Dashboard
  • Enhance: Change mention of blacklist and whitelist to blocklist and allowlist on Defender pages
  • Enhance: Change Documentation links for Firewall and Malware Scanning
  • Enhance: Config Improvements
  • Fix: Display custom login forms if the Defender Masking URL is enabled
  • Fix: Receive email from Defender security tweaks daily
  • Fix: Activate ‘Mask Login Area’ through the Defender dashboard
  • Fix: Correct display of the Audit log for a new registered user – except for a Subscriber role – in MU
  • Fix: Masked login alters ajaxurl in MU in sites table page
  • Fix: Remove ‘ambient-light-sensor’, ‘picture-in-picture’, ‘speaker’ and ‘vr’ directives from Feature-Policy header
  • Fix: Compatibility with HUB

2.3.1 ( 2020-08-10 )

  • New: Feature to save presets configurations of the Defender’s settings, and make them available to download and apply to your other sites
  • New: Add tutorials section in the Defender dashboard
  • Enhance: Allow to bulk delete suspicious files
  • Enhance: Improve the logic of how “Include sub-domains” option should be shown on the Strict Transport Security header
  • Fix: Prevent wp-signup.php to access when Mask Login is enabled
  • Fix: 2FA login does not redirect correctly after login via the my-account page of Woocommerce
  • Fix: Remove the Security Tweak ‘Change default database prefix’, as this can be bypass

Changelog for previous versions.