Our versatile WP-Hardening security plugin for WordPress, which facilitates you to conduct a quick security audit and configure important security settings for your site, just got updated with new features to further strengthen the WordPress security.

This Blog Includes show

Here are the newly introduced features in your WP-Hardening plugin:

Security headers,
Automatic security audits,
New security fixers and
An option to add your team members to receive important security updates via email,

Read on to learn how you can benefit from them 🙂

WP-Hardening: All-in-one security plugin

The WP-Hardening plugin acts as a one-stop solution to check and fix missing security measures (which include admin & API security, server hardening, disabling information disclosure & removing meta information, etc.) on your website.

WP-Hardening- A multi-purpose WordPress security plugin

With the new features coming in, it’s going to simplify WP security for you even further. In this blog, we are going to discuss only the new features. For a comprehensive view of all WP-hardening features, visit this page.

So, what’s new?

1. Security Headers

Configuring security headers adds to your WP website’s security. However, learning how to do that manually requires painstaking efforts. Thankfully, you can avoid that now. With this new feature, you can add important security headers to your website in less than one minute.

Here’s how:

Install and activate the WP-Hardening plugin on your website.
Navigate to the ‘WP-Hardening’ icon on the left-bottom of your WP panel and click on ‘Security Fixers’
Expand ‘Security Headers’.

Setting Security Headers with WP-Hardening

Select ‘Deny’ for Clickjacking protection and enable all other security headers with the toggle key.

2. Audit Scheduling

Schedule your audits and free your brain from remembering one more to-do. The new WP-Hardening version brings you a feature to automate your audits with daily, weekly, and monthly scheduling. Now, keep updated with your website’s overall health with security reports and emails, without having to do anything at all.

Here’s how to schedule hardening audits:

Install and activate the WP-Hardening plugin on your website.
Navigate to ‘WP-Hardening’ >>’ Hardening Audit’>>’Settings’

Now, select the frequency and toggle the key to green. You’re all set for a regular audit.

3. Disable WordPress Application Passwords

WordPress introduced Application Passwords for REST API Authentication with the WP version 5.6. It allows third-party applications to authenticate themselves on WordPress using the REST-API. Although Application Passwords have full permissions of the user that generated them, making it possible for an attacker to gain control of a website by tricking the site administrator into granting permission to their malicious application.

Disabling WP Application Passwords is now a feature in the latest WP-Hardening version (version 1.2). You can do this with just a toggle of a button in the ‘Security Fixer’ tab.

Here’s how:

Install and activate the WP-Hardening plugin on your website.
Navigate to ‘WP-Hardening’ >>’Security Fixers’.
Expand ‘Admin & API Security’ and toggle the key next to ‘Disable WordPress Application Passwords’.

Disabling WP Application Passwords with the WP-Hardening plugin

4. Loop your team in

Too busy to read emails? Add your website manager and other team members (up to 15 members) to receive security updates along with you and keep an eye on your website’s security at all times.

Here’s how you can do this:

Go to ‘WP-Hardening’>>Hardening Audit>>Settings.
Enter all the emails of your team member separated by a comma and toggle the key to green.

Exciting, right?

To enjoy these new features, update your WP-Hardening plugin to the latest version 1.2 now. If you’ve questions, drop them in the comment box and we’ll get back to you 🙂