=== SecurelyWP – Vulnerability Scanner and Security Hardener for WordPress === Contributors: mdashar, securelywp Tags: security, hardening, vulnerability scanner, system details, wordpress protection, security headers Requires at least: 5.0 Tested up to: 6.8.2 Stable tag: 1.0.5 License: GPLv2 or later License URI: [https://www.gnu.org/licenses/gpl-2.0.html](https://www.gnu.org/licenses/gpl-2.0.html) SecurelyWP is a simple security plugin that protects your WordPress site right after you install and activate it—no setup needed! It instantly secures your site with powerful features, scans for risks, and shows your site’s health. == Description == SecurelyWP is a hassle-free security plugin that makes your WordPress site safer the moment you activate it. No configuration or technical skills required—just install, activate, and your site is protected! It includes strong security features, a vulnerability scanner, a system details page, and security headers to keep your site secure and healthy. ### Why Choose SecurelyWP? **Works Out of the Box**: All security features start protecting your site as soon as you activate the plugin. **Comprehensive Protection**: Guards against common threats like hacking and malicious files. **Lightweight**: Keeps your site fast without changing its look. **Free Features**: Includes a vulnerability scanner, system details, and security headers to monitor your site’s health. ### Features 1. **Hide WordPress Version** **Why**: Stops hackers from targeting weaknesses in your WordPress version. **Impact**: Good protection with no effect on your site’s appearance. 2. **Disable PHP Execution in Uploads Folder** **Why**: Prevents harmful scripts from running if someone uploads a bad file. **Impact**: Strong defense against file-based attacks. 3. **Prevent User Enumeration** **Why**: Blocks hackers from guessing usernames through sneaky methods. **Impact**: Keeps your user list safe from prying eyes. 4. **Detect & Warn About “admin” Username** **Why**: Alerts you if your site uses the risky “admin” username, a favorite target for hackers. **Impact**: Big security boost if you change the username. 5. **Disable File Editing in Dashboard** **Why**: Stops anyone from messing with your site’s code through the WordPress dashboard. **Impact**: Major safeguard against unauthorized code changes. 6. **Force HTTPS for Login & Admin** **Why**: Ensures your login and admin pages use a secure connection to protect your password. **Impact**: Critical for keeping your credentials safe. 7. **Basic Brute Force Protection (Lite)** **Why**: Temporarily blocks repeated failed login attempts to stop password-guessing attacks. **Impact**: Strong protection against login attacks. 8. **Vulnerability Scanner** **Why**: Checks your plugins, themes, and WordPress core for known security issues. **Impact**: Helps you find and fix risks before hackers exploit them. 9. **System Details** **Why**: Shows important info about your site, like version, themes, and file counts, to monitor its health. **Impact**: Keeps you informed about your site’s status. 10. **Security Headers** **Why**: Adds HTTP headers that improve your site’s security by helping browsers handle your content safely and reducing risks like clickjacking, content injection, and protocol downgrade attacks. **Impact**: Strengthens your site’s defense with minimal setup, protecting both your site and its visitors. SecurelyWP is perfect for beginners and pros alike, offering instant security without any setup. Install it today to keep your WordPress site safe! == Installation == 1. **Download and Install**: * Go to your WordPress dashboard, click "Plugins" > "Add New," and search for "SecurelyWP." * Click "Install Now" and then "Activate." * Or, upload the plugin ZIP file via "Plugins" > "Add New" > "Upload Plugin." 2. **Done!** The plugin starts protecting your site immediately after activation. Check the "SecurelyWP" menu to view your site’s health or scan for risks—no setup needed! == Frequently Asked Questions == = Do I need to configure anything after installing SecurelyWP? = No! SecurelyWP works right out of the box. All security features activate automatically when you install and activate the plugin. = Will this plugin slow down my site? = No, SecurelyWP is lightweight and won’t affect your site’s speed or performance. = Does it work with my theme or other plugins? = Yes, SecurelyWP works with any WordPress theme and most plugins. It focuses on security without changing your site’s look or functionality. = What if my site doesn’t have HTTPS? = The "Force HTTPS" feature requires an SSL certificate. If your site doesn’t have one, contact your hosting provider to set it up. Other features work fine without HTTPS. = How often does the vulnerability scanner run? = The scanner runs automatically in the background and lets you check for risks anytime from the SecurelyWP menu. = Can I use SecurelyWP on a multisite? = Yes, SecurelyWP works on both single sites and multisite setups, protecting all sites automatically. == Screenshots == 1. **Dashboard**: See a quick overview of your site’s security status and health. 2. **Vulnerability Scanner**: View results of automatic scans to identify and fix risks. 3. **System Details**: Check a clear report of your site’s version, themes, and more. 4. **Security Headers**: Overview of active HTTP security headers protecting your site. == Changelog == = 1.0.5 = * Added Security Headers feature to improve site protection with industry-standard HTTP headers enabled by default. = 1.0.4 = * Added Hide WordPress Version * Added Disable PHP Execution in Uploads Folder * Added Prevent User Enumeration * Added Detect & Warn About “admin” Username * Added Disable File Editing in Dashboard * Added Force HTTPS for Login & Admin * Added Basic Brute Force Protection * Added Vulnerability Scanner * Added System Details * Major features released