iThemes Security Pro Feature Spotlight – Website Security Grade Report

Nov 18, 2020 | Security - Internet, WordPress, and otherwise

In the Feature Spotlight posts, we will highlight a feature in the iThemes Security Pro plugin and share a bit about why we developed the feature, who the feature is for, and how to use the feature.

Today we are going to cover the WordPress Security Grade Report, a quick and easy way to audit the performance of your website’s security.

Feature Spotlight: Security Grade Report

Why You Need a Website Security Grade Report

All WordPress sites need a solid WordPress security strategy, but how do you know how your security efforts are actually going?

The iThemes Security Pro Grade Report feature helps you quickly find and resolve security weaknesses on your website by showing you a “grade” based on a number of factors that impact the security of your site.

ithemes-security-pro-feature-spotlight-website-security-grade-report iThemes Security Pro Feature Spotlight – Website Security Grade Report

The two areas of website security graded by your Security Grade Report include:

  • The software you have running on your site – This includes the versions of PHP, WordPress core, and any themes and plugins, and whether they are running the last versions
  • Your security settings – If you have enabled the most important settings available in iThemes Security Pro, including two-factor authentication

Secure Software

For example, the WordPress Grade Report will check your website’s software, including the PHP version.

A third of all WordPress websites are using a PHP version that has reached its end of life.

End of life means the software is not being actively developed or receiving critical security updates. Hackers know that any publicly disclosed PHP security vulnerabilities and unpatched vulnerabilities for PHP versions 7.1 and below will remain unpatched. This allows attackers to target and successfully hack websites using older versions of PHP.

Unfortunately, most of us don’t know if we are running a PHP version that is adding a security week spot that any beginner-level hacker can exploit.

The WordPress Security Grade Report will show the outdated and potentially vulnerable software that you need to update before a hacker has a chance to exploit the vulnerability.

Security Settings

We sometimes hear from those of you that have concerns about whether or not you have configured iThemes Security Pro correctly. The Security Grade Report can help!

Your Grade Report also includes an audit of your website’s iThemes Security Pro configuration. The audit will let you know the settings you still need to enable to add the most protection to your website.

Let’s take a closer look at how to enable and use the Grade Report in iThemes Security Pro.

How to Enable the Grade Report in iThemes Security Pro

The Grade Report module is hidden by default. It is hidden to prevent unnecessary concern or confusion to those who aren’t responsible for managing the site’s security.

To enable the WordPress Security Grade Report, navigate to the Global Settings.

ithemes-security-pro-feature-spotlight-website-security-grade-report-1 iThemes Security Pro Feature Spotlight – Website Security Grade Report

You will find the option to enable the Grade Report at the bottom of the Global Settings page.

ithemes-security-pro-feature-spotlight-website-security-grade-report-2 iThemes Security Pro Feature Spotlight – Website Security Grade Report

Once enabled, you will find the Grade Report module on the main page of the security settings.

ithemes-security-pro-feature-spotlight-website-security-grade-report-3 iThemes Security Pro Feature Spotlight – Website Security Grade Report

Inside the Grade Report module, you can select which users can view the Grade Report.

ithemes-security-pro-feature-spotlight-website-security-grade-report-4 iThemes Security Pro Feature Spotlight – Website Security Grade Report

How to Check Your Security Grade

Navigate to the Grade Report page by clicking the Grade Report link in the WP admin menu.

ithemes-security-pro-feature-spotlight-website-security-grade-report-5 iThemes Security Pro Feature Spotlight – Website Security Grade Report

Understanding Your Grade Report

The Grade Report is broken down into 4 different sections.

1. Your Security Grade

Your overall security Grade is a combination of your Software and Security Settings scores.

ithemes-security-pro-feature-spotlight-website-security-grade-report-6 iThemes Security Pro Feature Spotlight – Website Security Grade Report

2. Your Software Grade

ithemes-security-pro-feature-spotlight-website-security-grade-report-7 iThemes Security Pro Feature Spotlight – Website Security Grade Report

Your Software score is based on an audit of the PHP, WordPress, plugins, and theme installed on your website.

Keeping your software updated with the latest security patches is one of the best ways you can secure and protect your website.

Having outdated software with known vulnerabilities installed on your site gives hackers the blueprints they need to take over your website.

Learn how iThemes Security can help manage updates on your website.

3. Your Security Settings Grade

ithemes-security-pro-feature-spotlight-website-security-grade-report-8 iThemes Security Pro Feature Spotlight – Website Security Grade Report

The Security Settings score is based on your configuration of iThemes Security Pro. Your score improves as you add more security layers with iThemes Security Pro.

Check out 10 things to do after installing iThemes Security Pro.

4. Your Grade Summary

ithemes-security-pro-feature-spotlight-website-security-grade-report-9 iThemes Security Pro Feature Spotlight – Website Security Grade Report

In the Summary section, you’ll see a graph indicating the best possible grade your website can achieve. This will help give you a better idea of which security issues are more pressing to resolve so you can get your best grade.

Click the Resolve Issues button in the upper right-hand corner of the summary section to see more details for your software and the individual settings grades.

ithemes-security-pro-feature-spotlight-website-security-grade-report-10 iThemes Security Pro Feature Spotlight – Website Security Grade Report

The Grade Report Issues page provides a summary of every item audited and the grade of each item.

ithemes-security-pro-feature-spotlight-website-security-grade-report-11 iThemes Security Pro Feature Spotlight – Website Security Grade Report

The cool part is that each audit includes an explanation of why the different elements of the Grade Report are essential to your website’s security. Plus, you be provided with an actionable step you can take to resolve issues found in the Grade Report.

The really cool part is that you can resolve most of the security issues in just 2 steps.

  1. Check the box next to the Select All Resolvable Issues.
  2. Click the Resolve Selected Issues button.
ithemes-security-pro-feature-spotlight-website-security-grade-report-12 iThemes Security Pro Feature Spotlight – Website Security Grade Report

Note: Some Security Setting issues will need to be resolved manually. You will need to contact your host to update your PHP version.

After you resolve the security issues, your security grade will be improved.

ithemes-security-pro-feature-spotlight-website-security-grade-report-13 iThemes Security Pro Feature Spotlight – Website Security Grade Report

We can’t forget that good grades mean everything.

Wrapping Up: Your WordPress Security Grade Report

The iThemes Security Pro WordPress Security Grade Report feature helps you to spot outdated and potentially vulnerable software. Plus, it will give you the confidence that you are getting the most out of iThemes Security Pro!

Get iThemes Security Pro

ithemes-security-pro-feature-spotlight-website-security-grade-report-14 iThemes Security Pro Feature Spotlight – Website Security Grade Report

Source

WordPress Development

SEO NEWS

seo news

We’re listening.

Have something to say about this article? Share it with us on Facebook, Twitter or LinkedIn:

SHARE IT HERE:

Subscribe ToThe Weekly SEO Trade News Updates

Get the latest SEO, SEM and SMM marketing intel, tips and tricks from one of the best SEO Gurus online. 

Every Tuesday morning we send out an aggregated email listing all new posts on SEO Trade News.

Excellent! Now check your email to confirm your subscription.