Description
Easily improve site security with WordPress Hardening, Two-Factor Authentication (2FA), Login Protection, Vulnerability Detection and SSL certificate.
Really simple, Effective and Performant WordPress Security
Really Simple Security is the most lightweight and easy-to-use security plugin for WordPress. It secures your WordPress website with SSL certificate generation, including proper 301 https redirection and SSL enforcement, scanning for possible vulnerabilities, Login Protection and implementing essential WordPress hardening features.
We believe that security should have the absolute minimum effect on website performance, user experience and maintainability. Therefore, Really Simple Security is:
- Lightweight: Every security feature is developed with a modular approach and with performance in mind. Disabled features won’t load any redundant code.
- Easy-to-use: 1-minute configuration with short onboarding setup.
Security Features
Easy SSL Migration
Migrates your website to HTTPS and enforces SSL in just one click.
- 301 redirect via PHP or .htaccess
- Secure cookies
- Let’s Encrypt: Install an SSL Certificate if your hosting provider supports manual installation.
- Server Health Check: Your server configuration is every bit as important for your website security.
WordPress Hardening
Tweak your configuration and keep WordPress fortified and safe by tackling potential weaknesses.
- Prevent code execution in the uploads folder
- Prevent login feedback and disable user enumeration
- Disable XML-RPC
- Disable directory browsing
- Username restrictions (block ‘admin’ and public names)
- and much more..
Vulnerability Detection
Get notified when plugins, themes or WP core contain vulnerabilities and need appropriate a... [truncated]
Installation
To install this plugin:
- Make a backup! See our recommendations.
- Download the plugin.
- Upload the plugin to the /wp-content/plugins/ directory.
- Go to “Plugins” in your WordPress admin, then click “Activate”.
- You will now see the Really Simple Security onboarding process, to quickly help you through the configuration process.
wp plugin install really-simple-ssl --activateFrequently Asked Questions
For more detailed explanations and documentation on all Really Simple Security features, please search the Knowledge Base
All features that made Really Simple SSL the most powerful and easy-to-use SSL generation and redirect plugin are still part of Really Simple Security. The plugin is developed with a modular approach: if you don’t want to use the full set of security features, the unused code will not be loaded and won’t have any effect on your site’s performance.
In our experience, security solutions for WordPress are often hard to configure, trigger many false positives and have a significant impact on site perform... [truncated]
Changelog
9.5.2.2
- Fix: a TypeError in the 2FA query builder that could occur when updating from older plugin versions
9.5.2
- Fix: all users will now appear in the 2FA list
- Fix: tasks will now always display on multisite
- Improvement: the activate_ssl WP-CLI command can now be run with the –force argument to skip confirmation
9.5.1
Improvement: standardized REST namespaces to really-simple-security
Fix: added a check for the getmyuid function to prevent errors in case this function was missing
Fix: Right-To-Left CSS now works correctly when SCRIPT_DEBUG is enabled
9.5.0.2
- Fix: Prevent empty content to be written into htaccess
9.5.0.1
- Fix: Prevented .htaccess from being overwritten with an empty file, auto-creation now requires explicit filter opt-in
9.5.0
- Improvement: reworked .htaccess handling with insert_with_mar... [truncated]