WProtect – Total security plugin for WordPress

WProtect is the most advanced WordPress security extension, you can use to protect your WordPress website from intrusions and hacker attacks. It’s backed up by a team of experts that are trained to be always up to date with the latest known vulnerabilities and security updates, making WProtect the best choice in keeping your website safe.



Vulnerabilities auto checking

Securitycheck performs a check of the versions of all the plugins & themes of your WordPress installation, comparing them with its database to show if there are vulnerable plugins & themes. Forget individually test of every plugins & themes to avoid vulnerabilities: Securitycheck does it for you.

Desktop & Mobile browsers notification

Our security plugin finds any suspicions action or vulnerabilities inside wordpress core, plugins, themes and it will automatically send live notification to your desktop and mobile if you wish.

Active Protections

  • PHP Configuration Hardening
  • Stop brute-force login attempts
  • Local file inclusion (LFI)
  • Remote file inclusion (RFI)
  • Directory traversal
  • SQL injection (SQLi)
  • HTML, Javascript and CSS filtering (XSS)
  • Ban IP address (IPv6 support)
  • Actively scans POST, GET, COOKIE variables.
  • Detect if there is a user account which has the default “admin” username and easily change the username to a value of your choice.
  • Prevent a Directory Listing
  • Defending yourself from search engines hacking database(dork)
  • Hide wp-admin directory (for untrusted users)
  • Hide wp-login.php (for untrusted users)
  • Hide wordpress version
  • Disable File Editing
  • Prevent PHP execution in “wp-content/uploads” directory

Other features:

  • Easy to use
  • Advanced logs
  • Dark & Light admin styles
  • Fully responsive admin interface

Demos of some protections:

Prevent PHP execution in “wp-content/uploads” directory:

  • This file contains “<?php echo ‘Hello World’; ?>”: Check it

Hide WP-Admin:

Hide WP-Login.php:

Blocking Brute-force attack:

  • reCaptcha on Login forms after 2 numbers of failed login attempts.Check it

Hide WordPress version:

  • Removed WordPress version parameter from JS and CSS files, Meta tag & RSS: Check it

Disable directory listing:


Buy now