Security

WordPress security shouldn't cost $119/year.

Replaces: Wordfence Premium ($119/yr), iThemes Security Pro ($80/yr), Sucuri ($199/yr)

Download Free

Features

Two-Factor Authentication (2FA)

TOTP-based 2FA using apps like Google Authenticator or Authy. Protect every admin account.

Login Protection

Limit login attempts, CAPTCHA on login forms, and automatic IP blocking for brute force attacks.

Security Headers

Automatically add X-Frame-Options, Content-Security-Policy, HSTS, and other critical security headers.

File Integrity Monitor

Detect unauthorized changes to core WordPress files, plugins, and themes.

Malware Scanner

Scan your files for known malware signatures and suspicious code patterns.

Firewall Rules

Block common attack patterns including SQL injection, XSS, and directory traversal.

Login Activity Log

Track every login attempt with IP address, user agent, and timestamp.

Hide Login URL

Change your wp-login.php URL to prevent automated attacks on the default login page.

Screenshots

Screenshot coming soon
Screenshot coming soon
Screenshot coming soon

How We Compare

Feature
AuditMySite
Free
Wordfence Premium
$119/yr
iThemes Security Pro
$80/yr
Sucuri
$199/yr
2FA/TOTP
Login protection
Security headers
File integrity
Malware scanner
Firewall rules
No annual fee

How to Install

  1. 1
    Go to Plugins → Add New
    In your WordPress admin dashboard, navigate to the Plugins page and click Add New.
  2. 2
    Search"AuditMySite Security"
    Use the search bar to find the plugin in the WordPress repository.
  3. 3
    Click Install → Activate
    Click the Install Now button, then activate the plugin once installed.
  4. 4
    Configure in Settings
    Go to Settings to customize the plugin for your site.

Frequently Asked Questions

Is free security actually secure?

Yes. Security through obscurity is not real security. Our code is open source and auditable. The features we provide — 2FA, headers, login protection — are industry standard.

Does it conflict with Wordfence free?

We recommend using one security plugin at a time to avoid conflicts. Our plugin covers everything Wordfence free does and more.

How does 2FA work?

After enabling 2FA, admins scan a QR code with their authenticator app. On each login, they enter their password plus a 6-digit code from the app.

Will security headers break my site?

We use safe defaults and let you customize each header. A test mode lets you verify headers work correctly before enforcing them.

Does it protect against DDoS attacks?

It provides application-level protection. For full DDoS mitigation, we recommend pairing it with Cloudflare (free tier works great).

Download Security for Free

No signup, no credit card, no upsells. Just a great WordPress plugin.

Download FreeNeed help? Contact us
← Back to all WordPress plugins