Secure your site. Protect your business.

Defend your site against the most common vulnerabilities on WordPress.

  • Custom user login security requirements
  • Brute force protection
  • Two-factor authentication and passkeys
  • Patchstack Integration

Number of sites

  • 1
  • 5
  • 10
  • 25
  • 26+
1
$99 per year
Get Solid Security Pro

In partnership with:

Secure your site with Solid Security Pro

Premium features add layers of protection to your site and your business. Solid Security Pro is a powerful WordPress security plugin.

Protect your data

Safeguard your most valuable assets: user and ecommerce data. Restrict actions from unrecognized devices and depend on Patchstack to detect vulnerable plugins.

Close user security gaps

Eliminate weak login credentials, scan for inactive accounts and rogue installs, and enable trusted devices.

Identify vulnerable plugins

Get to the root of vulnerabilities in your WordPress site with user activity logging and integrate with WP-CLI.

3 Steps to a Secure Site with Solid Security Pro

Enhance login security

  • Strengthen user login authentication with premium, hassle-free safeguards.
  • Require strong passwords and enable two-factor authentication, passkeys, or magic links.

Scan for vulnerabilities

  • Run scheduled scans to identify vulnerable software.
  • Automatically update compromised plugins as patches become available.

Stop brute force attacks

  • Lock out bad users identified by our Brute Force Protection Network.
  • Create your own blacklist of bad actors.
Thinking About Going Pro?

Your foundation for a secure website since 2014. Built by WordPress security experts.

We promise you’ll love it, or your money back.

We’re confident SolidWP will exceed expectations, with premium support to help resolve issues. If you’re unsatisfied for any reason, reach out within 30 days of your purchase. We’ll find a solution or issue a full refund.

Buy Now Reasons to Go Pro

The only WordPress security plugin you need — period

Skip the hassle of authentication apps, password managers, and complex password requirements.

  • Biometric login is compatible with Face ID, Touch ID, and Windows Hello.
  • Passkey technology is compatible with Chrome, Firefox, Safari, and other browsers.
  • Hassle-free authentication ensures secure logins for website admins and users.

Rest easy with local and network brute force protection. Local protection bans IP addresses and login attempts based on your lockout rules. Network protection goes further by banning IPs caught trying to break into other sites.

  • Customize your failed login attempts threshold.
  • Set lockout rules to ban IP addresses.
  • Automatically ban IP addresses flagged by the Solid Security community of more than 1 million sites.

Monitor your site’s behind-the-scenes activity. Solid Security keeps 24/7 watch over your site’s security and alerts you to threats.

  • Customize security dashboards for different users, like clients and other stakeholders.
  • Choose which reports you receive and how often.
  • Depend on private, ticketed support from the SolidWP team.

An easy and safe way to create a universal user you can give to any outside developers or support techs who need temporary access to your website

  • Makes it easy and safe to grant temporary admin access to outside contractors and support technicians.
  • Allows you to grant a user extra capabilities for a specified amount of time.
  • No need to create a new users every time you need to grant access to your website.

Streamlined plugin and theme management

  • Custom delay periods for plugin and theme updates
  • Automatically update a plugin or theme if it fixes a vulnerability
  • Apply a virtual patch to vulnerable code when no update is available

The Trusted Devices feature works to identify the devices that you and other users use to log in to your WordPress site.

  • Allow admin users to approve the devices they frequently use to log in to the site.
  • Blocks admin user logins from unrecognized devices by restricting admin capabilities.
  • Sends email notifications if a user logs in from an unrecognized device.
Get Solid Security Pro
Get Solid Security Pro

30,000 websites are hacked every day

20-40%

Of WordPress sites have vulnerable code right now

50%

Nearly half of all targeted cyberattacks prey on small- to medium-sized businesses

20%

Of businesses nearly faced bankruptcy after a cyberattack (2022)

2.98M

The average cost of a data breach for businesses with fewer than 500 employees was $2.98 million in 2021

Customer trust, business stability, and brand reputation are lost when your site is breached

1,779

Vulnerabilities disclosed in WordPress-related plugins, themes, and the core WordPress platform in 2022

57%

The United States saw a 57% jump in cyberattacks as hackers exploit vulnerable websites with unhardened security practices

Let’s make sure your website isn’t one of them

Trusted by thousands of businesses all over the world

“I was using one of Solid Security’s competitors and we still got hacked! Since I’ve been using Solid Security our site has been rock solid! Love the products and the team.”

Erica Eide —
Founder, small business

Act quickly to keep hackers at bay Explore Solid Security Pro

“The Solid Suite of products helps me help my clients get more visible online and help them make more money with their website. Highly recommended!”

Paul Taubman —
Chief Online Strategist

Make money with your website Get Solid Suite

“Using SolidWP products helps me make a difference in the success of others. I know I can count on them to deliver the results I want for my clients.”

Sue Spencer —
Founder, web design

Setting clients up for success Get Solid Suite

FAQ

SolidWP Support Explore SolidWP Resources Chat with us

Logging in without a password! This can be done with passkeys assigned to your phone or laptop that are passed from your device to WordPress through your browser. Your device must support the WebAuthn standard for passkeys to work.

SolidWP Security lets you log into your WordPress sites using Apple Face ID, Apple Touch ID, Windows Hello, and passkey technology (WebAuthn) supported by all major browsers, including Chrome, Firefox, and Safari.

Security works with any Time-Based One-Time password Provider (TOTP). Any two-factor authentication app that supports the TOTP standard will work with the Solid Security Pro plugin. The most popular two-factor code generator apps for iOS and Android devices are the Authy, Google Authenticator, and FreeOTP Authenticator apps. Additionally, you can use a YubiKey or other Trusted Platform Module (TPM) devices.

Cloudflare’s Turnstile, Google’s reCAPTCHA (all versions), and Intuition Machines’ hCaptcha.

Yes.

One of the best security practices for a WordPress site owner is keeping software up to date. Because of this, we only test this plugin on the latest stable version of WordPress and will only guarantee it works in the latest version.

No. Solid Security Pro is designed to help improve the security of your WordPress installation from many common attack methods, but it cannot prevent every possible attack. Nothing replaces diligence and good practice. This WordPress security plugin makes it a little easier for you to apply both.

Many of the changes made by this plugin are complex and can break existing sites. While Solid Security Pro can be installed on either a new or existing site, we strongly recommend making a complete backup of your existing site before applying any features included in this plugin.

Solid Security Pro requires Apache or LiteSpeed and mod_rewrite or NGINX to work.

Solid Security Pro makes significant changes to your database and other site files, which can be problematic for existing WordPress sites. Again, we strongly recommend making a complete backup of your site before using this plugin. While problems are rare, most support requests involve the failure to make a proper backup before installation.

DISCLAIMER: Under no circumstances do we release this plugin with any warranty, implied or otherwise. We cannot be held responsible for any damage that might arise from the use of this plugin.