IThemes Security Pro v7.1.2

Updated: 15 May 2022


Join To Free Download

This is your modal header title

A wonderful serenity has taken possession of my entire soul, like these sweet mornings of spring which I enjoy with my whole heart.

IThemes Security Pro is an antivirus and anti-hacking plugin for WordPress web sites. Like a protect, it prevents from being hacked . iThemes Safety (previously Higher WP Safety) provides you over 30+ methods to safe and defend your WordPress web site. On common, 30,000 new web sites are hacked every day. WordPress websites may be a simple goal for assaults due to plugin vulnerabilities, weak passwords and out of date software program.

Most WordPress admins don’t know they’re susceptible, however iThemes Safety works to lock down WordPress, repair frequent holes, cease automated assaults and strengthen person credentials. With superior options for knowledgeable customers, our WordPress safety plugin will help harden WordPress.


iThemes has been constructing and supporting WordPress instruments since 2008 like BackupBuddy, our WordPress backup plugin. With our full vary of WordPress pluginsthemes and coaching, WordPress safety is the following step in offering you with the whole lot you might want to construct the WordPress net.

IThemes Security Pro WordPress Plugin
IThemes Safety Professional WordPress Plugin


Get added peace of thoughts with skilled assist from our professional staff and professional options to take your web site’s safety to the following stage with iThemes Safety Professional.

Professional Options:

  • Two-Issue Authentication – Use a cell app corresponding to Google Authenticator or Authy to generate a code or have a generated code emailed to you.
  • WordPress Salts & Safety Keys – The iThemes Safety plugin makes updating your WordPress keys and salts simple.
  • Malware Scan Scheduling – Have your web site scanned for malware mechanically every day. If a difficulty is discovered, an e mail is distributed with the main points.
  • Password Safety – Generate sturdy passwords proper out of your profile display.
  • Password Expiration – Set a most password age and power customers to decide on a brand new password. You may as well power all customers to decide on a brand new password instantly (if wanted).
  • Google reCAPTCHA – Shield your web site towards spammers.
  • Person Motion Logging – Observe when customers edit content material, login or logout.
  • Import/Export Settings – Saves time organising a number of WordPress websites.
  • Dashboard Widget – Handle essential duties corresponding to person banning and system scans proper from the WordPress dashboard.
  • On-line File Comparability – When a file change is detected it is going to scan the origin of the recordsdata to find out if the change was malicious or not. Presently works solely in WordPress core however plugins and themes are coming.
  • Momentary Privilege Escalation – give a contractor or another person non permanent admin or editor entry to your web site that may mechanically reset itself.
  • wp-cli Integration – Handle your web site’s safety from the command line.


Handle multiple WordPress web site? Handle Away Mode, launch lockouts and maintain your themes, plugins and WordPress core updated from one dashboard with iThemes Sync Professional. Begin your free trial of Themes Sync Professional.


iThemes Safety takes brute power assault safety to the following stage by banning customers who’ve tried to interrupt into different websites from breaking into yours. The iThemes Brute Pressure Assault Safety Community will mechanically report IP addresses of failed login makes an attempt and can block them for a size of time needed to guard your web site based mostly on the variety of websites which have seen an identical assault.


iThemes Safety works to guard your web site by blocking dangerous customers and growing the safety of passwords and different very important info.

  • Prevents brute power assaults by banning hosts and customers with too many invalid login makes an attempt
  • Scans your web site to immediately report the place vulnerabilities exist and fixes them in seconds
  • Bans troublesome person brokers, bots and different hosts
  • Strengthens server safety
  • Enforces sturdy passwords for all accounts of a configurable minimal position
  • Forces SSL for admin pages (on supporting servers)
  • Forces SSL for any web page or submit (on supporting servers)
  • Turns off file modifying from inside WordPress admin space
  • Detects and blocks quite a few assaults to your filesystem and database


iThemes Safety screens your web site and stories adjustments to the filesystem and database that may point out a compromise. iThemes Safety additionally works to detect bots and different makes an attempt to look vulnerabilities.

  • Detects bots and different makes an attempt to seek for vulnerabilities.
  • Displays filesystem for unauthorized adjustments.
  • Run a scan for malware and blacklists on the homepage of your web site.
  • Obtain e mail notifications when somebody will get locked out after too many failed login makes an attempt or when a file in your web site has been modified.


iThemes Safety hides frequent WordPress safety vulnerabilities, stopping attackers from studying an excessive amount of about your web site and away from delicate areas like your web site’s login, admin, and many others.

  • Modifications the URLs for WordPress dashboard areas together with login, admin and extra
  • Utterly turns off the flexibility to login for a given time interval (away mode)
  • Removes theme, plugin, and core replace notifications from customers who would not have permission to replace them
  • Removes Home windows Reside Write header info
  • Removes RSD header info
  • Renames “admin” account
  • Modifications the ID on the person with ID 1
  • Modifications the WordPress database desk prefix
  • Modifications wp-content path
  • Removes login error messages

WordPress Brute Pressure Safety

Restrict the variety of failed login makes an attempt allowed per person with WordPress brute power safety. If somebody is attempting to guess your password, they will get locked out after just a few makes an attempt.

File Change Detection

If somebody manages to get into your web site, they will in all probability add, take away or change a file. Get e mail alerts exhibiting any current file adjustments so in the event you’ve been hacked.

404 Detection

If a bot is scanning your web site for vulnerabilities, it is going to generate lots of 404 errors. iThemes Safety will lock out that IP after the restrict you set (20 errors in 5 minutes by default).

Sturdy Password Enforcement

Set which stage of customers in your web site (admins, editors, customers, and many others.) have to have sturdy passwords. Sturdy password enforcement is among the finest methods to lock down WordPress.

Lock Out Dangerous Customers

Preserve dangerous customers away out of your web site if they’ve too many failed login makes an attempt, in the event that they generate too many 404 errors, or in the event that they’re on a bot blacklist.

Away Mode

Not making adjustments to your web site 24 hours a day? Harden WordPress by making the WordPress dashboard inaccessible throughout particular hours so nobody else can sneak in and try to make adjustments.

Cover Login & Admin

Change the default URL of your WordPress login space so attackers will not know the place to look. This function can also be nice to assist purchasers bear in mind their login hyperlink.

Database Backups

Schedule database backups and have them emailed to you. Or you will get our WordPress backup plugin to step up your backup recreation. Make full backups and ship them to off-site storage locations.

E mail Notifications

Get e mail notifications when somebody will get locked out after too many failed login makes an attempt or when a file in your web site has been modified.

WordPress Two-Issue Authentication


With iThemes Safety Professional’s WordPress two-factor authentication, customers are required to enter each a password AND a secondary code despatched to a cell machine corresponding to a smartphone or pill. Each the password and the code are required to efficiently log in to a person account. Two-factor authentication provides an additional layer of WordPress safety to confirm it’s truly you logging in and never somebody who gained entry (and even guessed) your password.

WordPress Two-Issue Authentication Strategies Supported By The iThemes Safety Professional Plugin


The iThemes Safety Professional plugin works with frequent two-factor authentication cell apps corresponding to Google Authenticator, Authy, FreeOTP and Toopher.


Time-sensitive codes are provided through e mail to the e-mail deal with related to the person’s account.


Gives a set of one-time use codes that can be utilized to login within the occasion the first two-factor technique is misplaced.

Safety Dashboard


your WordPress safety log entries may be time-consuming and even obscure. The brand new iThemes Safety Dashboard brings your safety logs to life by pulling collectively associated entries and displaying it in a approach that’s related to you.

WordPress Safety Grade Report


See an immediate WordPress Safety Grade Report on the safety of your WordPress web site. From the report, you too can make the really useful fixes so you’ll be able to elevate your grade and enhance the general safety of your web site.

iThemes Safety takes a number of components into consideration when issuing your safety grade, together with your software program and safety settings.


Perceive the massive image of your WordPress web site’s safety with an total safety grade.


See particulars in your software program and settings together with motion gadgets to enhance your grade.


Rapidly view and resolve safety points within the order that may enhance your grade probably the most.


Extra options are on the best way that will help you rapidly perceive safety and resolve any points.

Trusted Gadgets with Session Hijacking Safety


Add safety measures for unknown gadgets, together with Session Hijacking safety, to lock down your WordPress web site and defend it from compromises to person logins.

WordPress Person


Person-level safety is totally important for shielding your WordPress websites. Poor safety for only one WordPress person account can open up your complete constructing, or web site, to vulnerabilities that result in hacks.

Use iThemes Safety Professional’s WordPress Person Safety Verify to evaluate the safety of all of your WordPress person accounts at one time and take motion on them if wanted.

WordPress Malware Scanning


iThemes Safety makes use of its personal Website Scanner to energy the WordPress malware scan function inside the plugin. The Website Scanner mechanically checks for recognized malware and vulnerabilities, blacklist standing, web site errors and out-of-date software program. With iThemes Safety Professional, you’ll be able to allow each day malware scanning and obtain a notification e mail if an issue is discovered.

WordPress Model Administration


Outdated software program — whether or not it’s WordPress, themes or plugins — places your websites in danger as a result of safety vulnerabilities are sometimes well-known. iThemes Safety Professional’s new Model Administration possibility can mechanically replace to new variations of WordPress, themes and plugins, together with enhance safety measures when a web site’s software program is outdated.

1. Strengthening & Alerting to Vital Points

iThemes Safety will mechanically allow stricter safety when an replace has not been put in for a month. Moreover, you too can verify for different outdated WordPress installs in your internet hosting account.

2. Automated Updates for WordPress, Themes & Plugins

Best for websites you don’t use continuously or websites that don’t have advanced setups, which are sometimes uncared for and have a higher danger of getting outdated software program.

WordPress Password Safety


Passwords are a important element of a stable WordPress safety technique. iThemes Safety Professional makes it simpler so that you can implement sturdy passwords, so you’ll be able to have higher WordPress password safety.

Use iThemes Safety Professional’s sturdy password enforcement settings so as to add a robust password generator to person profiles, allow password expirations and management the minimal person position for sturdy password roles.

NEW! Passwordless Logins


Passwordless Login is a approach to confirm a person’s identification with out truly requiring a password to login. Passwordless login is each secure and easy, growing the chance that the typical particular person will safe their account.

Add passwordless logins to your WordPress web site with the iThemes Safety Professional plugin. The Passwordless Login technique supplied by iThemes Safety Professional will ship you an e mail with a “magic hyperlink,” or a hyperlink that may log you into WordPress with a click on of a button.

Handle A number of WordPress Websites with iThemes Sync


iThemes Sync presents a approach to handle a number of WordPress websites from one place. Sync can also be a safe approach to remotely launch iThemes Safety lockouts and set Away Mode to your web site.

Allow/Disable Away Mode

iThemes Safety Professional’s Away Mode function shuts off entry to your web site’s dashboard. With Sync, you’ll be able to flip Away Mode on or off remotely on any of your websites working iThemes Safety Professional.

Launch Lockouts

Utilizing Sync, you’ll be able to see the IP addresses for any locked out customers. To launch lockouts, simply click on the Launch button. All with out each having to log into your web site.



  • Works on multi-site (community) and single web site installations
  • Works with Apache, LiteSpeed or NGINX (Be aware: NGINX would require you to manually edit your digital host configuration)
  • Options like database backups and file checks may be problematic on servers and not using a minimal of 64MB of RAM. All testing servers allocate 128MB to WordPress and often don’t have every other plugins put in.


There are no reviews yet.

Be the first to review “IThemes Security Pro v7.1.2”

7.1.2 – 2022-04-25 – Timothy Jacobs, Lisa Canini
Tweak: Require a Title when creating a new Dashboard.
Bug Fix: Don’t attempt to send a Site Scan notification for Clean scans preventing a fatal error after scheduled site scans.
Bug Fix: Initialize Theme in Dashboard Widget rectifying the “An error occurred while rendering this card” message.
Bug Fix: Use Site Registration Authentication when performing a Site Scan on Multisite Subsites rectifying the “Request is missing verification credentials” message.

7.1.1 – 2022-04-13 – Timothy Jacobs, Lisa Canini
Tweak: Schedule the Automatic Updater to run 5 minutes after a Site Scan finds Vulnerable Software.
Bug Fix: Help styling on WordPress 5.9.
Bug Fix: Compatibility with plugins that expected a logged-in user during lockouts.
Bug Fix: Error when visiting the Notifications page after activating a module with notifications for the first time.
Bug Fix: Update deprecated withState usages to useState.
Bug Fix: Set a default value for the Notification User Roles control.

7.1.0 – 2022-01-31 – Timothy Jacobs
Important: iThemes Security now requires WordPress 5.8 or later.
New Feature: Introduce a new Import Export feature that allows for greater customization and flexibility.
Bug Fix: Scroll to top of window when navigating.
Bug Fix: Allow searching for Password Requirements.
Bug Fix: Login page would be blank when Passwordless Login was configured to use the “Username First” flow.
Bug Fix: Don’t load WordPress and System Tweaks modules when the `ITSEC_DISABLE_MODULES` constant is enabled.
Bug Fix: Prevent incidentally loading the Two-Factor module when it is unregistered.
Bug Fix: Conditionally display the NGINX File Path setting.
Bug Fix: Allow saving Notifications when “default recipients must contain at least 1 item” error is present.

7.0.3 – 2021-08-10 – Timothy Jacobs
Enhancement: Reintroduce Feature Flags management UI.
Tweak: Reposition “Advanced” and “Tools” menu items to be more readable on lengthy screens.
Bug Fix: Sites that did not support HTTPS, but had the SSL module active, but not configured, on upgrade would get redirected to the HTTPS version of the site.
Bug Fix: When the Change Admin User tool is run, update any User Groups referencing the old user id.
Bug Fix: Unregister the iThemes Security Two-Factor module when the Two-Factor Feature Plugin is enabled.
Bug Fix: Add missing and correct erroneous textdomains.
Bug Fix: WordPress footer would appear in the middle of the logs page.

6.7.1 – 2020-09-24 – Timothy Jacobs
Enhancement: Add WP CLI command to run the Change Admin User tool.
Tweak: Disable SSL verification when performing the Security Check Loopback test. Some hosts can’t properly verify loopback requests. This verification is unnecessary in this circumstance, and disabling SSL verification aligns iThemes Security with default WordPress loopback behavior.
Tweak: Override WordPress’ built in auto update notices at a higher priority. This fixes issues with iThemes Security’s settings being overwritten by other systems.
Bug Fix: Some users would be force to choose a strong password twice in a row.
Bug Fix: Warning when saving the Ban Users module outside of the Settings Page without passing the legacy host_list setting.
Bug Fix: Fix issues with initializing a site scan from a non-licensed domain name.

Why Choose Shatran?

Answer: We believe in the open-source community and believe that WordPress should be available to all.Unfortunately, premium plugin and theme authors refuse to decouple support from the code, they won’t set regional price differences and they rarely offer discounts to students, low waged or the young.We are providing a third way by redistributing the code without any unneeded extras.

Are your products healthy and original !?

Answer: Yes, absolutely, all the products that are placed in Samandon have been thoroughly tested and are completely healthy and original. Items will be fixed by the designer in subsequent product updates.

How can you offer the products at such low prices?

Answer: All WordPress items such as plugins and themes are licensed under the General Public Licence (GPL).This means that once we have purchased the item we are free to redistribute it if we choose to do so.Your membership to our site goes towards maintaining and buying the subscriptions to 3rd party theme and plugin authors. This form of crowdfunding helps keep prices low and we can then pass this benefit on to you.

Is support Included?

Answer: No. If you require technical support regarding a plugin or theme then you will need to either purchase the product directly from the author (a link is provided) or you will need to hire a freelancer to take a look for you. Alternatively, you could ask around some of the helpful WordPress community forums.Not offering support is the way in which we are able to offer the products at a discounted price.

Are these products genuine?

Answer: Yes, 100%. We have active subscriptions to all the authors of the products featured on our website.We download from them and then redistribute to you.The downloads are generally not altered in any way as they work fine out the box. But sometimes we have to add some code to make the script work. Will will keep this to a minimum and also announce if we have touched the code so you know exactly how your stand.

Do you provide updates to the products?

Answer: Yes. As soon as we are notified of an update, we go and download it from the author and update it on our site.

How many sites can I use the plugin or theme on?

Answer: As many as you like. The plugins and themes are GPL licensed so you can use them as often as you like on as many sites as you like.Got a friend who’s building a site? Go share them with your friend. Seriously, there are no catches.

Can I request new products?

Answer: Yes, every user who is subscribed to our membership system can make requests via our Ticket System. Though the fulfilment of the product depends solely on the discretion of GPL Downloads and other factors like the license of the product (GPL or non-GPL – we will not entertain any non-GPL product requests), the price of the product, usage of the product on one license, etc. We only purchase items that we think are or will be popular and a benefit to a large number of members. We will NOT purchase niche items.

How can I hide license reminders or usage keys?

Answer: Consider hiding the license activation reminders through a plugin like “Disable admin notices.“ This plugin is free and very popular in the WordPress community. Make sure to check the official documentation for more information!

You Must Join to Download the Product File . Click Here to Join.

Scroll to Top