Plugin0 - Build Features & Discover WordPress Plugins with AIBeta
Home Plugins iron security
Iron Security – WordPress Security Plugin logo

Iron Security – WordPress Security Plugin

by WpIron on WordPress.org

Hardening tool that blocks hackers and protect against: Brute Force Attacks, Exploits, Injections, Clickjacking and other important functionalities.

(1)
screenshot-1.png

screenshot-1.png

Iron Security is your WordPress security bodyguard.

It shields your site from brute force attacks, unauthorized admin access, file injections, and common exploits like XML-RPC and REST API abuse. Whether you’re a solo creator or managing client sites, Iron Security delivers essential protection without the performance hit.

🔒 Don’t wait until your site is compromised. Secure it now — effortlessly.

Iron Security includes real-time brute-force protection, custom login URLs, HTTP headers, session control, malware upload prevention, and much more. All from a single, easy-to-use plugin dashboard.

Protects Against:
– 🔐 Brute Force Attacks (Limit login attempts, 2FA)
– 👮 Unauthorized Admin Access (Custom login URL, admin limit)
– 👤 User Enumeration
– 🎯 Admin Account Targeting (Admin ID & username protection)
– 💣 XML-RPC & REST API Exploits
– 🛡️ Code Injection & PHP Malware Uploads
– 📂 Direct Access to Sensitive Files
– 📛 MIME Sniffing & Content-Type Exploits
– 🖼️ Clickjacking
– 🧬 Cross-Site Scripting (XSS)
– 🌐 Referrer Leakage

🔐 Key Features

🛠 General Hardening

  • Disable XML-RPC & REST API
  • Hide WordPress & WooCommerce versions
  • Block AI & scraping bots
  • Disable file editor
  • Enable plugin & core auto-updates

🔍 Security Logs

  • View detailed logs of login attempts and alerts
  • Filter logs by IP, message, or date
  • Audit suspicious activity easily

🔑 Login & Authentication

  • Custom login/admin URL
  • Limit login attempts with lockouts
  • Session timeout for idle users
  • Limit number of administrators
  • Block user enumeration
  • Change default Admin ID and Username
  • Enable 2FA (Google Authenticator)

🗂 Files & Directory Protection

  • Block PHP file uploads
  • Prevent direct access to core/system files

📦 HTTP Security Headers

  • X-Content-Type-Options
  • X-Frame-Options
  • X-XSS-Protection
  • Strict-Transport-Security
  • Referrer-Policy
  • Content-Security-Policy
  • Permissions-Policy

Iron Security is built for creators who care about speed, simplicity, and security. If you’re not securing your site, you’re risking everything.

Credits

Developed and maintained by WPIron

License

This plugin is licensed under the GPLv2 or later.

Active installations20+
Weekly downloads
123-5.38%
Version2.5.3
Last updated7/23/2025
WordPress version4.7
Tested up to6.8.2
PHP version7.4
Tags
2FAfirewallloginmalwaresecurity

Related Plugins

SiteLock Security logo

SiteLock Security

Secure Your Word™. SiteLock WordPress Plugin provides complete website security management without leaving WordPress. Users can access their SiteLock …

1K+
Astra Security Suite – Firewall & Malware Scan logo

Astra Security Suite – Firewall & Malware Scan

Astra is the complete security suite for your WordPress. Rock solid firewall with immediate malware cleanup & security audit for your WordPress.

1K+
WP Face Login – Face Authentication For WordPress logo

WP Face Login – Face Authentication For WordPress

Enable face authentication login with ease

1K+
Iron Security – WordPress Security Plugin | Plugin0