Defender

Get regular security scans, vulnerability reports, safety recommendations and customized hardening for your site in just a few clicks. Defender is the analyst and enforcer that never sleeps.

Version 1.1.5

  • Added: IP Lockouts. Defender can now protect your login area from brute force attacks, monitor 404 errors and automatically lockout any unwanted behavior. It can also permanently ban specific IP addresses and receive email notifications when lockouts occur.
  • Fixed: Minor bug fixes and improvements.

Changelog

Version 1.1.5
  • Added: IP Lockouts. Defender can now protect your login area from brute force attacks, monitor 404 errors and automatically lockout any unwanted behavior. It can also permanently ban specific IP addresses and receive email notifications when lockouts occur.
  • Fixed: Minor bug fixes and improvements.

Version 1.1.4.1
  • Fixed: Fatal error when PHP extension sockets is not enabled

Version 1.1.4
  • Improvement: Audit logging now detects file changes in WordPress core.
  • Fixed: Updating via WordPress core now syncs better with the Hub.
  • Fixed: Some compatibility fixes for PHP 5.2.

Version 1.1.3
  • Improvement: Audit Logging now ajax based.
  • Fixed: minor bug fixes & some UI/UX improvements

Version 1.1.2
  • Improvement: Switched the User dropdown in Audit Logging to load results via AJAX to increase initial load performance.
  • Improvement: Scan results now pre-load information so that you can action fixes faster.
  • Fixed: Removed cronjob events from being tracked in Audit Logging.
  • Fixed: The Audit Logging filter box now stays visible if no results are returned.
  • Fixed: Other small bug fixes and improvements.

Version 1.1.1
  • Added: A warning indicator in WP Admin sidebar to let you know how many security issues are outstanding.
  • Added: The ability to choose to only receive email reports when there are issues with your website.
  • Fixed: Minor bug fixes & improvements

Version 1.1
  • New feature: Audit logging
  • New plugin icon
  • Vulnerability plugins/theme scan result can be ignored
  • Some other minor enhancements/fixes

Version 1.0.8
  • Improve Core Integrity Scan.
  • Improve caching method

Version 1.0.7
  • Improved: Scan schedule.
  • Fix: issue with W3 Total Cache Object Cache

Version 1.0.6
  • Fix: Defender data doesn't sync with HUB correctly
  • Fix: Email report doesn't send properly
  • Some other minor enhancements/fixes

Version 1.0.5
  • Added: Option to choose reminder period for Hardener rule "Update old security keys"
  • Improved: Compatibility with Windows server
  • Improved: Optimized resource usage when scanning

Version 1.0.4
  • Improve scan engine, reduce false positives
  • Improve uninstallation method
  • Add the ability to ignore hardener rules.
  • Improve the performance impact on the site.

Version 1.0.3
  • Optimize scanning
  • Preventing performance issue with some hosts

Version 1.0.2
  • Applied ajax inline updates for plugins/themes
  • One click Prevent PHP execution
  • One click Prevent Information Disclosure
  • Add detail page for core integrity issue, and automate resolution

Version 1.0.1
  • Scanning can auto detect if user is active on scanning page to work based on ajax, or leave to enable background scan
  • Improve condition checking for Prevent Information Disclosure module
  • Improve condition checking for Prevent PHP execution module

Version 1
  • Initial release!
Try Defender today!
  • Recommendation and one-click action steps
  • Plugin, theme and core vulnerability scans
  • Manual and automatic IP lockout system
  • Google blacklist monitoring and alerts
  • Restore and repair changed files
  • Schedule email security reports
Defender comes FREE with your WPMU DEV Membership GET Defender FOR FREE Free trial & pricing info
  • "Defender's interface is very intuitive with warnings that are very helpful."
    djohns
  • "Worth every penny! Plugins like Defender and Snapshot are one of a kind."
    Andre M.
  • "I found other pro security plugins a bit too fiddly for my taste...I’m delighted with Defender. "
    KeithAdv
  • "This is the sort of security data I’ve always wished all my websites and web apps had."
    Guy
Downloads 91,938 Compatibility WordPress 4.7.1Multisite 4.7.1BuddyPress 2.7.4Upfront1.7 Version 1.1.5 - Changelog - Translations

"Defender's interface is very intuitive with warnings that are very helpful."

djohns

"Worth every penny! Plugins like Defender and Snapshot are one of a kind."

Andre M.

"I found other pro security plugins a bit too fiddly for my taste...I’m delighted with Defender. "

KeithAdv

"This is the sort of security data I’ve always wished all my websites and web apps had."

Guy

Scans and reports are awesome, but who do you call to lay the smack-down on hackers? Defender not only makes suggestions, he’ll give you action steps and stand guard giving you a stronger site.

defender-hardening
Defender finds areas you can improve and makes suggestions for hardening your site.

Harden Like A Hero

Security isn’t one-size-fits-all, so Defender will analyze your site, make suggestions for hardening and provide easy activation for the most effective layered security measures used by the pros.

Defender is the professional security upgrade you’ve been looking for.

defender-scan
Get notified of core file changes and restore order with a click.

Let Defender Do The Crime Fighting

Defender scans the dark alleys of your site to find suspicious code in WordPress and alerts you when something doesn’t look right.

If a core file is corrupt Defender brings order. Restore files to their original state with a click.

defender-plugin-scan
Expose hidden code with regular scans.

Theme & Plugin Code Checker

Defender also checks for known issues with themes and plugins you have installed and scans for suspicious behavior in your system files.

Now you can remove the weak points in your system before hackers can get to them.

Audit Logging Screenshot
Keep tabs on everything that happens on your site!

Audit Logging

Tired of mysterious breakages or inexplicable slowness on your site? With Defender keeping watch, you’ll know the cause – every time.

Defender keeps detailed logs of comments, posts, login attempts, plugin installs, and well, pretty much everything.

Protect your site from brute force attacks.

IP Lockout

Brute force attacks are no match for Defender’s IP Lockout system. Trigger timed or permanent site bans for repeated 404s or failed login attempts.

Protect your site with both manual and automatic IP ban and whitelist control.

Stay ahead of security with customized alert settings and notifications.

“Warning: I Sense a Disturbance”

Customize your alert settings. Send security updates, lockout notification emails, scheduled reports and audit logs to a team of admins and users.

Use regular security reports and alerts to help keep your site running fast and safe.

 


defender-blacklist
Use blacklist monitoring to help keep a trusted brand.

Blacklist Monitoring

Defender checks safe web services and warns you if your site has been flagged as unsafe.

Be the first to know if your domain is blacklisted so you can act fast and reinstate your site – before you lose visitors or break trust.

Backup and restore from any point with Snapshot.

Cloud Backups with Snapshot

Security and automated cloud backups – it’s the ultimate Super Duo. Activate Snapshot and you’ll never need to worry about a hack again.

Just restore to a clean install while you patch vulnerabilities.

 

Meet WP Defender

Congratulations! You’re about to lock down your site, keeping your content and your users safe from common threats.

New to WordPress? The Installing Plugins section or our comprehensive WordPress and WordPress Multisite Manual will guide you through installing your first plugin.

Configure Your Defense Network

Visit your WP Admin dashboard, and find WP Defender in your Admin Menu. Start on the first tab, your WP Defender Dashboard. If this is the first time running WP Defender, you’ll see the WP Defender mascot ready to show you how everything works.

This fella's not letting any bad files get past him.

This fella’s not letting any bad files get past him.

Hardening

Click “View Dashboard” to visit the hub of your control center. Here, you’ll see an overview of all the services we’re providing with WP Defender. We’ll start with Hardening.

DefenderOptions

In the screenshot above, the first hardening check has already been run, the results of that scan are in the upper right frame of the options screen. Clicking “View & Fix Issues” will take you to the full results screen.

DefenderResultsFirst

Below this overview, you’ll see a detailed list.

DefenderResultsSecond

Each of the items under action needed can be tabbed open to see a detailed explanation of the issue, as well as a simple process for resolving the issues reported. Here’s a detailed look at the first item in the Action Needed list, “Change default WP database prefix.”

DefenderResultsDetail

To resolve the WP database prefix issue, you’ll enter your new prefix (which will replace “wp”) and click Update. Every issue you might encounter will be as if not more simple than this step to resolve, most only require the user to click a button.

Each of our recommendations and solutions will put an additional layer of protection between your site and those who might wish to harm it or your users.

Security Scan

WP Defender will scan your site for malicious files and code, and report any suspicious files to you.

DefenderSecurityScanInProcess

Security Scan has a few settings you can adjust, you’ll find them under the Scan tab under WP Defender, or via the WP Defender Dashboard. On this page, you can set up an automated scan, choose who will receive the scan results, choose which file types can be skipped by Defender, assign a maximum file size for scans, and customize the scan result email text.

Setting up automated scans is very simple, just enter the frequency, date, and time like in the screenshot below.

DefenderSetUpAutomatedScan

In the next section, you can choose file types Defender can skip over during a security scan, and the maximum file size a file can have to be scanned.

DefenderGeneralSettings

Below this, you’ll be able to add users who’ll be notified when the site fails or passes a security scan. At the bottom of the page, you can customize the text of the pass/fail emails. We’ve included a handful of macros to easily insert custom information.

DefenderEmailTemplates

Blacklist Check

This feature will scan Google’s blacklisted sites for your site’s URL and notify you if your site has been removed from Google’s index.

Coming Soon: Cloud Backups and Live Logging

We’ll be bringing even more to WP Defender in the near future. The next planned features will include providing cloud-based storage for your site backups created with Snapshot, and a round-the-clock logging service which will track everyone who logs into your site as a user, an administrator, or into the critical areas of your host server. Keep an eye on our site for updates.

DefenderBackupsComingSoon

As always, if you have any questions or need any help at all getting WP Defender set up to protect your site, we’ve always got a light on for you in our support forums.

WP Defender Features

Get peace-of-mind with a more secure site.

  • Analyze site security
  • Hardening recommendations
  • Resolve issues with a click
  • Manual and automatic IP lockout system
  • Scan core files for changes
  • Plugin and theme vulnerability scans
  • Schedule regular scans
  • Repair and restore changed files
  • Choose file types to scan
  • Skip files based on file size
  • Receive email reports
  • Choose report recipients
  • Google blacklist monitoring
  • Automated backups
  • Full website backups
  • Cloud backups
  • Site interactions with logging