Plugin0 - Build Features & Discover WordPress Plugins with AIBeta
Home Plugins iron security
Iron Security – WordPress Security Plugin logo

Iron Security – WordPress Security Plugin

by WpIron on WordPress.org

Hardening tool that blocks hackers and protect against: Brute Force Attacks, Exploits, Injections, Clickjacking and other important functionalities.

(1)
screenshot-1.png

screenshot-1.png

Iron Security is your WordPress security bodyguard.

It shields your site from brute force attacks, unauthorized admin access, file injections, and common exploits like XML-RPC and REST API abuse. Whether you’re a solo creator or managing client sites, Iron Security delivers essential protection without the performance hit.

🔒 Don’t wait until your site is compromised. Secure it now — effortlessly.

Iron Security includes real-time brute-force protection, custom login URLs, HTTP headers, session control, malware upload prevention, and much more. All from a single, easy-to-use plugin dashboard.

Protects Against:
– 🔐 Brute Force Attacks (Limit login attempts, 2FA)
– 👮 Unauthorized Admin Access (Custom login URL, admin limit)
– 👤 User Enumeration
– 🎯 Admin Account Targeting (Admin ID & username protection)
– 💣 XML-RPC & REST API Exploits
– 🛡️ Code Injection & PHP Malware Uploads
– 📂 Direct Access to Sensitive Files
– 📛 MIME Sniffing & Content-Type Exploits
– 🖼️ Clickjacking
– 🧬 Cross-Site Scripting (XSS)
– 🌐 Referrer Leakage

🔐 Key Features

🛠 General Hardening

  • Disable XML-RPC & REST API
  • Hide WordPress & WooCommerce versions
  • Block AI & scraping bots
  • Disable file editor
  • Enable plugin & core auto-updates

🔍 Security Logs

  • View detailed logs of login attempts and alerts
  • Filter logs by IP, message, or date
  • Audit suspicious activity easily

🔑 Login & Authentication

  • Custom login/admin URL
  • Limit login attempts with lockouts
  • Session timeout for idle users
  • Limit number of administrators
  • Block user enumeration
  • Change default Admin ID and Username
  • Enable 2FA (Google Authenticator)

🗂 Files & Directory Protection

  • Block PHP file uploads
  • Prevent direct access to core/system files

📦 HTTP Security Headers

  • X-Content-Type-Options
  • X-Frame-Options
  • X-XSS-Protection
  • Strict-Transport-Security
  • Referrer-Policy
  • Content-Security-Policy
  • Permissions-Policy

Iron Security is built for creators who care about speed, simplicity, and security. If you’re not securing your site, you’re risking everything.

Credits

Developed and maintained by WPIron

License

This plugin is licensed under the GPLv2 or later.

Active installations20+
Weekly downloads
123-5.38%
Version2.5.3
Last updated7/23/2025
WordPress version4.7
Tested up to6.8.2
PHP version7.4
Tags
2FAfirewallloginmalwaresecurity

Related Plugins

WP Firewall logo

WP Firewall

Protect WordPress from hacker attacks, spam and dangerous actions.

50+
Login by Magic logo

Login by Magic

Login by Magic plugin replaces the standard WordPress login form with one powered by Magic that enables passwordless email magic link login.

50+
Customize WP-Login logo

Customize WP-Login

Customize WP-Login by AlterTech provide a visual editor to customize the wp-login page.

40+
Iron Security – WordPress Security Plugin | Plugin0