SiteBox Security plugin

The final component aimed at enhancing the security of your website is the SiteBox Security plugin. It extends the capabilities of your WordPress installation with several useful features designed to streamline the operation of WP and reduce the risk of hacking.

Plugin features

SiteBox Security consists of multiple modules that you can enable or disable individually on your website. All of these settings are accessible in the WordPress Dashboard under the "SiteBox" menu. This user-friendly interface allows you to fine-tune your website's security settings according to your specific needs and preferences.

Authentication module

This module allows you to expand the authentication capabilities in WordPress. It can enforce login requirements to access your website or adjust session duration. All of these options enhance the security of the wp-login.php login form, making it a robust layer of protection for your site.

Limit Login Attempts

This module effectively blocks login attempts to the WordPress dashboard that use brute force attacks. It adds an additional layer of security to safeguard your WordPress admin area from unauthorized login attempts, enhancing the overall protection of your website.

Hiding WordPress version

This module enables you to conceal the WordPress version in the page source. This is particularly valuable, especially when your WordPress version is not the latest. Information about the WordPress version can be exploited by attackers attempting to target known vulnerabilities specific to that version. Hiding this information helps reduce the risk of potential attacks, bolstering the security of your website.

REST API

This module allows you to disable access to the REST API for all users or only for those who are not logged in. The REST API can be exploited by attackers to retrieve information that is not typically accessible on the website. Additionally, the module enables you to activate Content Security Policy (CSP) rules, providing an extra layer of security to control and mitigate potential security risks associated with content loading and execution on your website.