Introduction: iThemes – the WP plugin that “keeps bad guys out”
Of late, ransomware and other cyberattacks have become background noise. An estimated 300,000 websites get hacked daily, and some state computer systems get to more than 300 million hacking attempts every day!
These threats not only hound large websites; thousands of small websites also encounter hacks without their owners' knowledge. Unfortunately, the same can be true for WordPress websites. Therefore, WordPress website owners and web admins must get their hands on security solutions to mitigate these threats.
Given the level of cybercrimes today, the importance of vigilance in website security cannot be overstated. This also explains why software companies such as those behind iThemes Security plugin are coming up with newer and more efficient tools to keep these cyber threats at bay.
Mind you, iThemes claims it is the No. 1 WordPress security plugin. But how effective is the iThemes website security solution? What are its features, and what might WordPress site owners or web admins like you benefit from? In this iThemes Security review, we will find out if this software is putting money where its mouth is.
Let's begin our iThemes Security Pro review!
Before we start with this iThemes Security Pro review, here's a short background on the plugin.
iThemes, erstwhile known as the Better WP Security plugin, was a brainchild of iThemes Media LLC. This WordPress security plugin was launched in 2014. What's great about iThemes is that it has a Free and Pro version.
Comparing iThemes Security Pro vs Free version, the latter has core features that allow you to protect your website from hackers and cyber attackers. However, if you want to get premium features, you need to sign up for the Pro option. More on the differences between iThemes Pro and Free versions later.
Ease of Use:
Honestly, website security can sometimes require an understanding of complex terms and features. But we must gauge how usable a security tool is – and which type of user it is most suited to.
For this iThemes Security review, the plugin is not as complex as other tools in the market. It offers one-click installation, and when you get confused, you're directed to useful tutorials to walk you through the process. Those familiar with the WordPress platform will not find it difficult to install the plugin.
- Download the iThemes plugin zip file.
- Install the WordPress plugin.
- Activate the plugin on your WordPress site.
If you're unsure, there's a tutorial on how to install and activate WordPress plugins.
What we also find helpful in this iThemes Security Pro review is that it makes the time-consuming and complicated task of reviewing data easier. In addition, the iThemes Security dashboard provides an at-a-glance view of important analytics to inform you of what's going on and guide your decision-making.
So we've established in this iThemes Security review that the plugin is relatively easier to use compared to its rivals. But what about its features? What is it capable of doing for your website?
iThemes claims it can “keep the bad guys out” of your WordPress site in 30 ways. However, if you look at its capabilities, you'll see that it promises only defence and does not guarantee complete protection.
Some of its most important features include the following:
Brute Force Protection:
This feature locks out suspicious users after several failed login attempts. Therefore, if a cybercriminal or hacker tries to guess their way into your account, they'll be locked out after repeated attempts.
Hackers who make failed attempts to access your site will generate a 404 error. With this feature, IPs will be locked out if they generate errors within the limits you set. Hence when you set the default setting to 10 errors in 5 minutes, the plugin will automatically set this detection feature in motion.
File Change Detection:
Any time the plugin detects any file change or modification, you'll get an email alert.
Strong Password Enforcement:
You can set your website settings so that all admins, users, or editors have strong passwords and force them to change their weak passwords; otherwise, they'll be locked out.
Lock Out Bad Users:
The plugin can also keep bad users that generate several 404 errors at bay and blacklist them.
This is a nifty feature where users cannot access your WordPress dashboard during specific times of the day when you're inactive.
Hide Login and Admin:
In this iThemes Security review, the plugin allows you to edit your default login URL so that hackers won't know where to go.
Regular backups are an important feature in the iThemes plugin. Schedule database backups and have the plugin send them to your email or off-site storage platforms.
Trusted Devices With Session Hijacking Protection:
Session hijacking protection is an additional measure to protect your site from being hijacked by dubious users.
This feature provides an added layer of security so that you can verify user authenticity. Aside from logging into the site with their password, the plugin sends a verification code to their mobile device. We find in this iThemes security review that this feature is useful to deter hackers.
Security Grade Report:
Aside from the dashboard, the plugin also sends a report regarding your site's overall security health.
All your website metrics, log entries, and other relevant data can be viewed conveniently through the dashboard.
The iThemes security plugin is famed for its malware scanner. You're able to do daily scans on your websites regular and receive status reports in case a threat is detected. The plugin checks the site for malware, website errors, blacklist status, and other vulnerabilities.
With more updates come greater vulnerabilities. WordPress sites are subject to regular themes or plugin updates. To mitigate threats from outdated software and other update-related threats, the version management feature triggers automatic updates if these have not been installed for 30 days.
In this iThemes Security Pro review, we appreciate how the plugin verifies the identity of users without requiring them to log in with their passwords. It's a unique feature of the iThemes plugin. Instead of passwords, an email will be sent to you bearing a link to a site that you can access with a button click or magic link.
Another unique feature that we like to emphasise in this iThemes security review is the iThemes Sync. This is particularly helpful for admins who need to manage several WordPress sites in one place. You can now manage all those websites from one central WordPress dashboard!
Support and Resources:
In this iThemes Security Pro review, what is the support quality that you can get from the plugin?
Well, you will have substantial help from the iThemes Help Desk. You can send a ticket to their moderators during business hours, from Monday to Friday (CST). Other than that, there's no phone or email support, which is a tad disappointing.
However, they have an extensive knowledge base, composed of a blog, tutorials, training videos, webinars, eBooks, and FAQs.
We now go to what most people consider the most important criterion in this iThemes Security review – cost. In general, the plugin is more affordable than its counterparts.
The plugin offers a Free version. For the Pro version, there are three pricing options: Gold, Small Business, and Blogger.
The cheapest plan (Blogger) is priced at $80 per year, while the priciest plan (Gold) will set you back $199 per year. Unfortunately, all plans do not offer iThemes Security Pro lifetime updates.
Free plan/trial/money-back guarantee:
In this iThemes Security Pro review, we're glad to report that you can get this plugin for free. If you do subscribe to the paid option, you get a 30-day money-back guarantee.
Conclusion and Recommendations:
There you have it for this iThemes Security review – we discussed ease of use, features, support, and pricing. So to wrap up this iThemese Security review;
What is it best for?
As an intuitive and relatively simpler security tool, it's ideal for bloggers and small business owners.
What is it not best for?
It's not ideal for large enterprises that require sophisticated tools and advanced security functions.
Perhaps the best alternatives we can think of are:
iThemes Security Pro vs Securi. The latter, Sucuri, excels in its superior security tool offerings.
iThemes Security Pro vs WordFence. WordFence is arguably a better alternative if you have a very high-volume website needing advanced security tools.
All things considered, in this iThemes Security Pro review, we recommend that you go and test-drive this Freemium plugin to know how far it can secure your WordPress website. Still, if you're not keen, you can always look for other security options and do your due diligence.
What is iThemes?
It's a WordPress plugin that acts as a security measure to deter malware and other cyber threats from attacking your website.
Can you use the plugin for free?
Yes - there's an iThemes free security plugin that you can use, although with scaled-down features than the paid version.
Thanks for reading our iThemes Security Pro review, and don’t forget to keep an eye out for our ever-growing blog of review and comparison articles. Check out reviews of related security solutions, website builder, gadget, and eCommerce platform review and comparison articles such as;
Not only the best tea/coffee maker on the team Sophie keeps the many marketing projects flowing ensuring completion on time. Skilled across multiple marketing skill areas Sophie is our all rounder and a great asset to the team. Sophie is a website building trainer and tech writer who takes pride in helping small businesses and startups build their websites and launch their eCommerce platforms. Sophie is also the practical joker of the team and always wears a smile on her face. In her spare time she likes to spend her time with family. She loves going on holidays and spending time with friends.