The TL;DR: If you have a WordPress site, you need iThemes Security Pro (ITSP). It’s the very first plugin I install once a site is up and running. The. Very. First.

Why?

The bad news is that sites powered by WordPress, due to its popularity, are a ripe target for various attacks. The very good news is that iThemes has a team of experts working full time to write iThemes Security Pro which thwarts these attacks. WordPress doesn’t do a bad job, per se, but an “out of the box” installation doesn’t necessarily optimize security. ITSP does, with easy-to-use settings and more complex settings for advanced users.

Once installed, there’s even a free version that has many excellent features such as a quick security check, banning users, forcing your site to SSL, and even WordPress tweaks. But for the truly paranoid (like me) you’ll want to pony up for the full version which adds malware scanning, 2-factor Authentication (2FA!), reCAPTCHA on various forms, and even a more extensive user security check.

I highly recommend paying for a license. Full disclosure: I know these guys and know how dedicated and competent they are. I have purchased my own license. It’s worth it for the peace of mind. And no, they’re not paying me for this.

Did I mention that this is the very first plugin I install? It is. Having your WordPress site protected is that important, and iThemes Security Pro does it better than anyone.

• Get it today: https://ithemes.com/security/