All About Solid Security’s Tools

The Solid Security Tools page provides you with powerful, one-time features designed to handle maintenance, configuration resets, and recovery actions. These features work directly on site configuration, files, and database. Key Considerations Actions are immediate and affect the live site, so always proceed with caution when using the tools. Ideally, only run a tool after creating a...

Using Solid Security’s CAPTCHA

Implementing CAPTCHA on a WordPress website is a security tool designed to help prevent automated abuse of WordPress login, registration, and comment forms. Solid Security Pro offers built-in support for several CAPTCHA providers, including Google reCAPTCHA (v2, v3, and Invisible), hCaptcha, and Cloudflare Turnstile. This feature is configurable and designed to integrate seamlessly with native...

All about Firewall with Solid Security

What is the function of Solid Security’s Firewall Feature? The Firewall feature in Solid Security provides essential protection against malicious traffic, unauthorized access attempts, and common web vulnerabilities on WordPress websites. By offering customizable rules and advanced traffic filtering, the firewall helps to ensure that only legitimate traffic reaches your site while blocking harmful requests...

Solid Security Two-Factor Authentication (2FA) Settings Guide

What is Two-Factor Authentication (2FA)? Two-Factor Authentication (2FA) enhances the security of user accounts by requiring a secondary authentication code in addition to the usual username and password when logging in. This method helps protect against unauthorized access, even if your primary password is compromised. Enabling Two-Factor Authentication Workaround: To force the old 2FA settings...

Releasing Site Lockouts in Solid Security

Releasing a lockout in Solid Security can be done in several ways, depending on your level of access to the site and hosting environment. This guide covers the different methods available — from using the WordPress dashboard, to making file changes, to running server commands — so you can choose the best option for your...

Diagnosis Tips: Raw Details of Site Scanner Logs

In the process of diagnosing problems highlighted by the Solid Security Site scanner, you’ll need all the details you can get. The raw detail option is the fastest way to dial into exactly what’s wrong with your site, to know how to move forward in resolving the issue, and return your site to a worry-free...

SolidWP Licensing: How to Make sure your site is licensed correctly

To license the Solid Security Pro plugin, log into your website and go to WordPress Dashboard -> Settings -> SolidWP Licensing.  Under the Unlicensed Products section, tick the Solid Security Pro checkbox and enter your SolidWP username and password. Then, click the “License Products” button. Ensure that the Licensed URL is correct and matches your site. While the vast majority of...

All about Solid Security’s Debug Mode

Solid Security is built by experts in WordPress and web security, and designed to “just work” without users needing to be security experts. You’re a professional, but you don’t need to be a web professional to use this tool. The experts that built Solid Security also baked into it a way for other web professionals...

Frequently Asked Questions

Vulnerability Protection with Solid Security

Solid Security Pro’s Vulnerabilities feature identifies and manages security vulnerabilities within your WordPress system and plugins. Here’s a breakdown of how it typically works: Scanning and Assessment:Vulnerability Scan monitors websites regularly to identify potential vulnerabilities in WordPress installations or plugins. These can include outdated software, misconfigurations, and known security weaknesses. Vulnerability Database: Solid Security Pro...

Security Logs

The Solid Security Logs area provides you an exhaustive view of security (or security-adjacent) activities on your WordPress site, giving you the ability to monitor and investigate potential security threats effectively. The logs help you identify patterns, such as repeated login attempts or recognize vulnerabilities discovered by the Solid Security Site Scanner.  You can configure...

All about User Security with Solid Security

User Security is a powerful module within Solid Security designed to centralize user account management while enhancing website security. It provides administrators with handy tools to monitor user activity, enforce critical security policies, and customize access controls based on specific needs. With features such as two-factor authentication, password management, and user group permissions, administrators can...

All about Solid Security Site Scans

The Site Scans page is where you can run a manual Site Scans and review the results. Solid Security’s Site Scanner scans your site for security issues found in these areas:  To run a manual Site Scan, go to the Security Site Scans page and select the “Start Site Scan“ button: To view the results...

Solid Security Dashboard

The Solid Security Dashboard utilizes Security Cards to organize all your security activity in a more digestible way. Security Cards allow you to see just the data you want first, and even some direct ways to administer security fixes for your WordPress website without leaving the dashboard.  By default, both Solid Security Basic and Solid...

What are Passkeys for WordPress Websites?

Passkeys are the most secure way to log into your WordPress websites. Passkeys use public-key cryptography, where a public and private key pair is generated on your device (a computer or phone, or even a dedicated cryptography device). The private key, which verifies your identity, stays on your device and is never shared. The public...

All about the Solid Security Settings

Once you’re up and running with Solid Security, it’s helpful to have a clear understanding of how the settings work, individually. The Settings section is your command center for customizing your Solid Security settings to meet your website’s needs. Here, you can find essential options for global settings, module management, notifications, and fine-tune specific features...

Understanding Trusted Devices in Solid Security

The Trusted Devices module provides an additional layer of security against Stolen Session Cookie attacks, a common threat in WordPress websites. This provides you with a method to get notified of an unrecognized device attempting access, which you can confirm via email or from the admin bar.  Key features include optional email notifications for unrecognized...