Beschrijving

Bulletproof your website security in a few clicks against a range of security breaches, including brute-force attacks, malware threats and bots, with our free WordPress security plugin – Security Optimizer.

Proactively monitor your site’s security to detect any suspicious activity and take immediate actions to protect your site and prevent further damage with these essential features:

Enable 2FA (Two-Factor Authentication) for an extra layer of website security
Set Beperk login pogingen to deter malicious login attempts and brute-force attacks
Change your default login URL to Custom Login URL to avoid attacks
Activate Geavanceerde XSS bescherming to fortify your website against malicious attacks
Systeem mappen vergrendelen en beveiligen to ensure no unauthorized or malicious scripts can be executed in your system folders
Uitschakelen thema’s & plugins editor to safeguard your website from unauthorized access via the WordPress editor
Verberg WordPress versie effortlessly, keeping it hidden from prying eyes
Use Activiteiten log to monitor your site and quickly prevent malicious actions
Post-Hack Actions to take immediate actions and prevent further damages

Developed by the website security experts at SiteGround and trusted by over 900,000 webmasters for its robust security shield and ease of use to safeguard WordPress applications from possible attacks on any hosting platform.

AWARDS:

Monster Awards 2022: Best WordPress Security Plugin 🥇
Monster Awards 2021: Best WordPress Security Plugin 🥇

Plugin Video

Plugin Tutorial

Unveil the vast array of features and unleash the full potential of our security plugin in our Security Optimizer Tutorial.

SITE PROTECTION FEATURES

Safeguard your WordPress application using our powerful site security toolset. Our comprehensive features are specifically designed to strengthen your website’s defenses against malware, exploits, and various malicious activities. With these tools at your disposal, you can ensure the utmost bot, malware and brute force protection for your website:

Systeem mappen vergrendelen en beveiligen

Ensure the maximum security for your application’s system folders by preventing the execution of any unauthorized or malicious scripts. The Lock and Protect System Folders feature acts as a powerful shield against potential threats.

Verberg WordPress versie

Protect your website from mass attacks by hiding the WordPress version, which helps to mitigate version-specific vulnerabilities.

Uitschakelen thema’s & plugins editor

Enhance the security of your WordPress admin area by disabling the Themes & Plugins Editor, preventing potential coding errors and unauthorized access through the editor.

XML RPC uitschakelen

Beperk mogelijke beveiligingsrisico’s door het uitschakelen van het XML-RPC protocol, dat is misbruikt bij verschillende aanvallen. Houd er rekening mee dat het uitschakelen van XML-RPC de communicatie van WordPress met externe systemen beperkt. We raden aan deze functie in te schakelen, tenzij je er specifiek behoefte aan hebt.

RSS- en ATOM feeds uitschakelen

Prevent content scraping and specific attacks on your site by disabling RSS and ATOM feeds. Unless you have readers accessing your site via RSS readers, it is recommended to keep this feature enabled.

Geavanceerde XSS bescherming

Add an extra layer of website security against cross-site scripting (XSS) attacks by enabling Advanced XSS Protection, bolstering the overall security of your website.

Delete Default Readme.html

Eliminate potential vulnerabilities by deleting the default readme.txt file, which contains information about your website. By removing this file, you reduce the risk of your site being listed in vulnerable sites targeted by hackers.

Login Security

Aangepaste login URL

Personalize your login URL to thwart potential attacks and create a strong entry point. Bid farewell to the default login URL and embrace a bespoke path of your choosing. Additionally, you have the freedom to modify the default sign-up URL as well.

Login toegang

Restrict login page access to specific IP addresses or IP ranges, effectively thwarting malicious login attempts and deterring brute force attacks.

2FA (Two-Factor Authentication)

Immerse your website in an impenetrable shield of security with 2FA. This formidable feature demands that all admin users furnish a unique token, generated exclusively through the Google Authentication application, during the login process.

Algemene gebruikers namen uitschakelen

Don’t fall victim to predictable security breaches! The use of common usernames, such as ‘admin,’ poses a significant threat to the integrity of your website. Activate this option to disable the creation of common usernames. If any weak usernames already exist, we’ll prompt you to provide new, stronger alternatives.

Beperk login pogingen

Maintain control over unauthorized access attempts with Limit Login Attempts. Set a specific threshold for the number of login failures users can endure before consequences arise. After reaching the limit, the IP address associated with the unsuccessful login attempts will be blocked for one hour. Persistent failures will result in longer restrictions, starting with 24 hours and escalating to a week.

ACTIVITY MONITORING

Monitor your website and login page for unauthorized visitors and brute force attempts to prevent malicious actions

Activiteiten log

The Activity Log page provides you with a comprehensive view of the activities performed by registered, unknown, and blocked visitors. It allows you to closely monitor any suspicious behavior and take appropriate actions in case of a compromised user, plugin, or hacking attempt. You can leverage the quick tools available to swiftly block future attempts.

Weekly Security Reports

Receive a weekly traffic summary for your website directly to your inbox. This Weekly Security Report compiles data on both bot and human traffic, along with details about blocked login and visit attempts to proactively monitor traffic and promptly identify suspicious activity.

POST-HACK ACTIONS

Take immediate measures to protect your website if you suspect a compromise and prevent further damage. Here, you’ll find convenient solutions to address the situation effectively:

Installeer alle gratis plugins opnieuw

In the event of a hack, utilizing the Reinstall All Free Plugins feature can help mitigate potential harm. This action reinstalls all of your free plugins, reducing the likelihood of additional exploits or the reuse of malicious code.

Alle gebruikers uitloggen

To prevent any further unauthorized activities by users or attackers, you can choose to log out all users instantly using the Log Out All Users feature.

Wachtwoord opnieuw instellen afdwingen

By enforcing a password reset, you can ensure that all users are prompted to change their passwords during their next login. This not only strengthens the security of their accounts but also immediately logs out all currently logged-in users.

Eigenschappen

WordPress 4,7
PHP 7,0
Werkend .htaccess bestand

Data Collection

Collection of technical data is optional and is listed here. This data is collected only for technical analysis, improvements and the possibility to contact the plugin user in case urgent issues need to be fixed (for example a critical security release that needs to be communicated to site owners). The plugin user can manage their preferences within the WP admin to control the collection of technical data. We advise opting in for this data collection, as it can enhance the plugin’s performance. You may find more information on data collection in our Plugins Privacy Notice.

Schermafdrukken

Installatie

Automatische installatie

Ga naar Plugins -> Nieuwe toevoegen
Search for “Security Optimizer by SiteGround”
Click on the Install button under the Security Optimizer by SiteGround plugin
Zodra de plugin is geïnstalleerd, klik je op de link plugin activeren

Handmatige installatie

Login op je WordPress beheer paneel en ga naar plugins -> Nieuwe toevoegen
Selecteer het ‘Uploaden’ menu
Klik op de knop ‘Bestand kiezen’ en wijs je browser naar het sg-security.zip bestand dat je hebt gedownload
Klik op de knop ‘Nu installeren’
Go to Plugins -> Installed Plugins and click the ‘Activate’ link under the WordPress Security Optimizer by SiteGround listing

Beoordelingen

leopap 12 december 2024 1 reactie

The plugin is quite heavy and makes conflict with translate press. Variations and titles of products disappeared in the second language. After disabling all is back to normal.

Vedran Mandić 8 november 2024

I like that this plugin involves all of the important things and does this in friendly manner ie. admin UI. Limit logins, 2fa, etc. Apart from speed optimizer a must have.

swinggraphics 19 augustus 2024 1 reactie

Cannot unsubscribe from the emails without admin access. In my experience, this makes the plugin extremely annoying. They do not plan to fix this.

tinaponting 12 augustus 2024

A simple plugin, who does what it supose to do – Protecting:)

yannickburky 15 juli 2024

Finally, a simple plugin. No 300 menus and submenus. Just the essentials.

danielarco 19 juni 2024

Good 2fa plugin

Lees alle 144 beoordelingen

Bijdragers & ontwikkelaars

“Security Optimizer – The All-In-One Protection Plugin” is open source software. De volgende personen hebben bijgedragen aan deze plugin.

“Security Optimizer – The All-In-One Protection Plugin” is vertaald in 11 localen. Dank voor de vertalers voor hun bijdragen.

Vertaal “Security Optimizer – The All-In-One Protection Plugin” naar jouw taal.

Interesse in ontwikkeling?

Bekijk de code, haal de SVN repository op, of abonneer je op het ontwikkellog via RSS.

Changelog

Version 1.5.7

Release Date Nov 21st, 2024

Translation loading improvements

Version 1.5.6

Release Date: Oct 9th, 2024

Custom Login URL improvements
2FA improvements
Activity Log improvements

Version 1.5.5

Release Date: Sep 18th, 2024

Options improvements.
Block Service improvements.

Version 1.5.4

Release Date: Sep 10th, 2024

Activity log code improvements.
Salt Shaker code improvements.

Version 1.5.3

Release Date: Aug 27th, 2024

Code Improvements.

Version 1.5.2

Release Date: Aug 1st, 2024

Improved Custom Login Url handling
Improved Plugins Reinstall actions
Improved Translations
Improved plugin config
Fixed deprecated warnings in custom WP-CLI commands

Version 1.5.1

Release Date: July 17th, 2024

Improved Activity log bot detection
Improved Activity log logout handling
Improved 2FA with third-party custom logins
Improved compatibility with third-party plugins
Security improvements related to plugin notices

Version 1.5.0

Release Date: May 23rd, 2024

Improved support for PHP 8.2 and 8.3.
Improved plugin configuration.

Version 1.4.13

Release Date: Mar 27th, 2024

Plugin optimization.

Version 1.4.12

Release Date: Feb 20th, 2024

Bugfixes related to cookies and 2FA

Version 1.4.11

Release Date: Feb 14th, 2024

Security improvements related to cookies
Performance improvements

Version 1.4.10

Release Date: Jan 11th, 2024

Static assets are now part of the plugin package and load locally.
New users will be prompted to give their consent for the collection of technical data upon their initial use of the plugin.

Version 1.4.9

Release Date: Dec 12th, 2023

Improved detection of bots in activity log
Improved feature “Reinstall All Free Plugins” – deactivated plugins no longer get activated after the reinstall.

Version 1.4.8

Release Date: Nov 22nd, 2023

Dashboard visuals improvements
Readme file improvements
Weekly Security Report improved translations

Version 1.4.7

Release Date: Oct 24th, 2023

Data collection opt out option
Readme file formatting improvements
Plugin name formatting improvements
Weekly Activity Report Sending Schedule Randomisation

Version 1.4.6

Release Date: Sept 26th, 2023

Changing the name we use inside the plugin from SiteGround Security to Security Optimizer
Updating data collection process and Introducing a link in the plugin interface to the Plugin Privacy notice

Version 1.4.5

Release Date: May 4th, 2023

Improved log cleanup

Version 1.4.4

Release Date: May 3rd, 2023

Improved Visitors DB table indexing
Block service restored

Version 1.4.3

Release datum: 27 april 2023

Block service temporally disabled

Version 1.4.2

Release datum: 27 april 2023

Verbeterd activiteiten log proces en filters
Verbeterde code voor beperkte login reactie
Verbeterde PHP 8.2 comptabiliteit.
Alternatieve constante toegevoegd voor het gebruik van niet-standaard cron taak

Version 1.4.1

Releasedatum: 23 feb 2023

Interne configuratie verbeteringen

Version 1.4.0

Releasedatum: 1 feb 2023

Interne configuratie wijzigingen

Version 1.3.9

Releasedatum: 25 januari 2023

Verbeterde Foogra thema ondersteuning

Version 1.3.8

Releasedatum: 6 dec 2022

Verbeterde reactie
Verbeterde controles op de pagina instellingen
Verbeterde uitschakelen thema’s & plugins editor

Version 1.3.7

Releasedatum: 15 nov 2022

SG Security Dashboard bug fix
Verbeterde 2FA codering sleutel validatie
Verbeterde validatie van aangepaste login-/register URL’s
Verbeterde LiteSpeed Cache ondersteuning
Optie om aangepaste 2FA codering sleutel bestand pad te gebruiken

Version 1.3.6

Releasedatum: 8 nov 2022

Verbeterde 2FA beveiliging met encryptie
Verbeterde filters voor toegang logs
Nieuwe WP CLI opdracht: reset alle gebruikers 2FA instelling

Version 1.3.5

Releasedatum: 18 okt 2022

Verbeterde aangepaste login URL
Verbeterd activiteiten log

Version 1.3.4

Releasedatum: 10 okt 2022

Service correctie installeren

Version 1.3.3

Releasedatum: 10 okt 2022

Nieuwe optie activiteiten log beheren
Nieuw filter – Activiteiten log uitschakelen
Verbeterde aangepaste login URL
Verbeterde WP CLI ondersteuning
Verbeterde Jetpack plugin ondersteuning
Verbeterde fout afhandeling
Kleine bugfixes
Verouderde code verwijderd

Version 1.3.2

Releasedatum: 21 september 2022

2FA Back-up codes beveiliging versterken

Version 1.3.1

Releasedatum: 13 september 2022

2FA Authenticatie beveiliging versterken
IP adres detectie beveiliging versterken

Version 1.3.0

Releasedatum: 14 juli 2022

Gloednieuw ontwerp
Verbeterde compatibiliteit met 2FA authenticatie met Elementor aangepaste login pagina’s
Verbeterde gegevens verzameling
Kleine oplossingen

Version 1.2.9

Releasedatum: 20 juni 2022

NIEUW Filters voor “Systeem mappen vergrendelen en beveiligen” uitsluiten
Verbeterde ondersteuning voor IP bereiken
Verbeterde lijst met geblokkeerde IP adressen
Verbeterde verwijder de standaard readme.html
Verbeterde validatie van 2FA Authentication
Verbeterde ondersteuning voor 2FA Authentication voor login op “Mijn account”
Verbeterde gegevens verzameling
Kleine oplossingen

Version 1.2.8

Releasedatum: 18 mei 2022

Verbeterde beveiliging van plugins

Version 1.2.7

Releasedatum: 8 april 2022

Kleine bugfixes

Version 1.2.6

Releasedatum: 7 april 2022

2FA Refactoring

Version 1.2.5

Releasedatum: 6 april 2022

2FA Authentication refactoring
Verbeterde wekelijkse e-mails
HTST service verouderd

Version 1.2.4

Releasedatum: 16 maart 2022

Verbeterde wekelijkse e-mails
Verbeterde WooCommerce betalingen plugin ondersteuning
2FA Authenticatie beveiliging versterken

Version 1.2.3

Releasedatum: 11 maart 2022

2FA Authenticatie beveiliging versterken

Version 1.2.2

Releasedatum: 11 maart 2022

2FA Authenticatie beveiliging versterken

Version 1.2.1

Releasedatum: 9 maart 2022

Verbeterde wekelijkse rapporten
Verbeterde HTTP headers service
Code refactoring

Version 1.2.0

Releasedatum: 28 februari 2022

NIEUW – Wekelijkse rapporten
Code refactoring en algemene verbeteringen
Verbeterde ondersteuning voor 2FA gebruiker rollen
Verbeterde fout afhandeling
Verbeterde ondersteuning voor LIMIT LOGIN IP bereik
Verbeterd evenement log
Verbeterde Phlox thema ondersteuning
Kleine oplossingen
Verbeterde WP CLI ondersteuning
Toestemming voor het verzamelen van omgeving gegevens toegevoegd

Version 1.1.3

Releasedatum: 1 oktober 2021
* Verbeterde Hide WP versie functionaliteit

Version 1.1.2

Releasedatum: 20 augustus 2021
* Verbeterde aangepaste login URL functionaliteit
* Verbeterde 2FA
* Verbeterde succes/fout berichten

Version 1.1.1

Releasedatum: 12 augustus 2021
* Verbeterde 2FA
* Verbeterde uitlog functionaliteit

Version 1.1.0

Releasedatum: 27 juli 2021
*NIEUW! 2FA back-up codes toegevoegd aan de profiel bewerking pagina
*NIEUW! Aangepaste aanmeldings- en registratie URL’s
*NIEUW! Automatische generatie HSTS headers toegevoegd
* Verbeterde functie algemene gebruikersnamen uitschakelen
* Verbeterde massa afmelding service
* Verbeterde activiteit logging en aangepaste labeling toegevoegd
* Verbeterde functionaliteit voor het opnieuw instellen van wachtwoorden

Version 1.0.4

Verbeterde beperking login pogingen

Version 1.0.3

Waardering box bug opgelost in Safari
Verbeterde RSS & ATOM Feed Disabler service

Version 1.0.2

Filter toegevoegd om de levensduur van het log te configureren
WP CLI ondersteuning toegevoegd
Verbeterde strings

Version 1.0.1

Standaard waarden toegevoegd bij installatie
Verbeterde ondersteuning voor vertalingen
Opschoning toegevoegd bij het verwijderen

Version 1.0.0

Eerste stabiele release.

Version 0.1

Eerst uitgave.

Incompatible with Translate press

Has all of it

Cannot unsubscribe from the emails

Works Great

Simple as we like it

Good 2fa plugin