This usage document explains how to use Hub 2.0 security features to secure WordPress sites with scans, Security Tweaks, IP lockouts, Two-Factor Authentication, Login Masking, WAF firewall, and other security features included in Defender Pro.

If you haven’t set up your WPMU DEV account yet, visit the Hub page, where you can explore available features, see pricing packages, and start a free trial.

Already a member? Visit your Hub dashboard to get started.

6.1 Getting Started

Link to chapter 1

To access the Security section of your site from the Hub 2.0, click the site you would like to manage and then click the Security tab in the site manager menu.

This will open the Security settings and options available in Hub 2.0.

Hub 2.0 Security tab overview

If you haven’t setup Defender Pro on your site, click the Activate button to start tracking and managing your security in the Hub. This will install and activate Defender Pro on your website and begin a security scan looking for areas to strengthen website security.

The Security tabs include:

  • Dashboard
  • Settings
  • Documentation

Click on the tabs to navigate settings and sort available updates and actions available for your website.

6.2 Security Dashboard Overview

Link to chapter 2

The Security Dashboard Overview provides an overview of available security settings, configurations, and quick links for managing website security. Modules on the Dashboard include:

  • Security Issues/Tweak
  • Malware Detection
  • Blacklist Monitor
  • Firewall
  • Audit Logging
  • Two-Factor Authentication
  • Mask Login Area

This chapter covers the available security settings and configuration options in each of the Defender Pro security modules.

6.2.1 Security Issues/Tweaks

Link to chapter 2

Defender’s Security Tweaks are a combination of layered security steps identified by professionals to make it harder for hackers and bots to gain access to your sites. For a complete list of Defender’s Security Tweaks and a guide on how to resolve them, visit the Defender documentation.

The Security Issues module lists all the unresolved Defender recommendations listed in the Security Tweaks section.

Clicking on the Settings icon (three dots next to the security tweaks description) or on an unresolved tweak will open Defender in the WordPress dashboard where you can resolve or ignore the issues and clean up the list of available Security Tweaks.

When all of your Security Tweaks are Resolved or Ignored the, You’ve actioned all of the recommended Security Tweaks. message will display along with a No issues message.

6.2.2 Malware Detection

Link to chapter 2

Defender Malware Detection scans your website for file changes, vulnerabilities and injected code and notifies you of anything suspicious.

  • WordPress Core – Checks and flags changes to your WordPress core files.
  • Plugins & Themes – Scans for known vulnerabilities in your installed plugin and theme files.
  • Suspicious Code – Flags files with suspicious or potentially vulnerable code. This is a curated list of published vulnerabilities gathered from multiple sources.

Clicking on the Malware Detection Settings icon (three dots) opens the option to run a scan or open the dashboard to take action on flagged files.

For information on Deleting, Ignoring, and configuring Malware Detection settings, visit Defender’s File Scanning usage docs.

6.2.3 Blacklist monitor

Link to chapter 2

Blacklist Monitor automatically checks if you’re on Google’s blacklist every 6 hours. If something’s wrong, Defender sends an email notification so you can limit downtime.

This feature can be activated or deactivated right from the Hub. Click the settings icon in the Blacklist Monitor module to enable or disable monitoring.

If Blacklist Monitoring is active the Domain Status will display in your Hub. For more information you can visit Defender’s Blacklist Monitor usage docs.

6.2.4 Firewall

Link to chapter 2

Defender can automatically lockout any suspicious behavior. The Defender Firewall uses IP Lockouts and Blacklisting to stop users accessing your site.

When the Firewall is active, the module shows:

  • Lockouts in the last 7 days – Number of lockouts in the last 7 days
  • Last lockout – Date and Time of last lockout

Clicking on the Firewall Settings icon (three dots) opens quick links to Configure and View Logs.

For more information about the Defender Firewall and settings visit the Defender IP Lockouts documentation.

6.2.5 Audit Logging

Link to chapter 2

Defender has Audit Logs for tracking events and changes made to your website. This gives you full visibility over what’s going on behind the scenes. The Audit logging module lists how many events were added in the last 30 days and when the last event took place. This information can be valuable when fixing a hacked site or managing sites with multiple users making changes.

Clicking on the settings icon in the Audit Logging module gives you quick links to visit and configure Audit Log settings from the admin area of your website.

For more information about Audit Logging and settings visit the Defender Audit Log documentation.

6.2.6 Two-factor Authentication

Link to chapter 2

This feature enhances your website security by requiring users to log in with a passcode sent to your cell phone. Two-factor authentication is an extremely effective tool against brute force attacks.

The Advanced tools module notes if Two-Factor Authentication is active/inactive and provides a quick configuration link for Two-Factor Authentication settings in the WordPress dashboard.

For a detailed look at Defender Two-Factor Authentication settings visit the Defender usage documentation.

6.2.7 Mask Login Area

Link to chapter 2

Mask Login Area lets you create a custom slug for your login page, replacing the default wp-admin or wp-login. This makes it harder for malicious bots looking for your login page.

Mask Login Area is in the Advanced tools module. It notes if Masking is active/inactive and provides a quick configuration link for the Defender Login Masking settings in the WordPress dashboard.

For a detailed look at Defender Mask Login settings, visit the Defender Mask Login usage documentation.

6.3 Security Settings Tab

Link to chapter 3

The Settings tab links you to options for tailored security reports delivered to your inbox so you don’t have to worry about checking in.

Clicking on a report gives you the option to open the configuration settings from the website’s WordPress admin dashboard.

6.3.1 Malware Detection Report

Link to chapter 3

Defender automatically runs scans of your website and, if configured to do so, will email you the results– Daily, Weekly, or Monthly.

If Malware Detection is activated in Defender, the number of suspicious files found and where in your site they exist will be displayed here.

To activate Malware Detection Reports, click the Tools icon (three dots), and then click Configure to open Defender’s File Scanning module, where you can can setup Malware Detection Reports.

6.3.2 Firewall Report

Link to chapter 3

With IP Lockouts activated in Defender, you can configure notifications so you will know when a user has been locked out due to suspicious activity.

If IP Lockouts is activated in Defender, the date and time of your last lockout and the total number of lockouts during the past 30 days will be displayed.

To activate IP Lockout Reports, click Inactive in the Firewall row to access Defender’s IP Lockout module, where you can set up IP Lockout reports.

6.3.3 Audit Logging Report

Link to chapter 3

Defender can be configured to email you regular reports of all website events.

If Audit Logs is activated on Defender, the date and time of the last event and the total number of events during the past 30 days will be displayed.

To activate Audit Logging, click Inactive to access Defender’s Audit Logging module, where you can configure reports and notifications.


Clicking the Deactivate button will disable Defender Pro on your website and turn off Security tracking in the Hub.

6.4 Security Support

Link to chapter 4

Need help managing or setting up Defender Pro or Security in the Hub 2.0? WPMU DEV members have access to 24/7 live support.