=== Security by Supsystic ===
Contributors: supsystic.com
Donate link: http://supsystic.com
Tags: security, wordpress security, security plugin, attack, cellphone sign-in, cellphone signin, firewall, firewall security, front-end security, hack, heart bleed, htaccess, HTTP log, infrastructure security, injection, lock, log, login alerts, login security, malware, personal security, phishing, php5-fpm, privacy, private, protect, protection, proxy security, rfi, scrapers, script, secrity, secure, secure login, secure website, security log, SQL Injection, two factor security, two-factor, twofactor, users, virus, vulnerability, web server security, website security, xss, supsystic, 404 detection, ban, ban hacker, hacker, restrict, SQL Injection
Tested up to: 4.3.1
Stable tag: 1.0.8

Defence from all attacks with Security by Supsyctic. Firewall, Login Security, Hide WordPress, Blacklist, Country blocking, captcha on login and more

== Description ==

Reliable protection is simple with Security by Supsystic. Security plugin allows minimizing the risk of unauthorized access to your website, admin area and files. 

[WordPress Security Plugin](http://supsystic.com "WordPress Security Plugin") by Supsystic performs constant monitoring of suspicious activity and is capable of promptly responding to secure alerts. Convenient setting manager will explain the necessity of each secure feature, allowing selecting the security level. Country blocking, captcha on login, schedule scans all these security options available for free.

The ultimate security of your website is obtained through a combination of features:

* Login Security
* Scan (folders and files, data-bases for mailware and spyware)
* Firewall
* Black Lists
* Hide WordPress option
* Logs and Statistics

= Video Tutorial How to Secure WordPress website =

[youtube http://www.youtube.com/watch?v=3JISJD47D0g]

= Login Security =

* Integrated protection against unauthorized access
* Verifies user names and passwords for difficulty
* Changes passwords with specified frequency
* Two-stage access system
* Black-list setting and analysis of access attempts

= Scan (folders and files, data-bases for mailware and spyware) =

All data is stored in files and data bases. Thats why after protecting the access door and setting Login Security it is important to think about the back door as well, including database files access and scanning the files for security backdor and mailware. Today WordPress is the most common CMS, which means that it is exposed to most attacks and threats. 

= Firewall and Black Lists =

Website requests statistics may serve as a perfect tool to protect it from planned intrusions. Security check and monitor the data manually or set automatic filters that will react to suspicious activity by blocking intruders through black lists.

= Hide WordPress option = 

You can easily avoid an attack by disguising the fact that your CMS is Wordpress. Security by Supsystic implemented various hide WordPress options that minimize the risk of identifying your Wordpress website. This option does not affect the functionality and performance of your site.

= Logs and Statistics = 

Statistic analyzes various website requests and helps determine those that represent potential security danger to your site. For example, requests that are aimed for system vulnerability or have higher frequency.


== Installation ==

= First time Security by Supsystic user =
 
Thank you for choosing Security by Supsystic! Open page of our plug-in admin panel WordPress and you will see eight menu items: "Main Page", "Login Security", "Scan file", "Firewall", "Blacklist", "Hide Me", "System" and "Statistics".
You can start with the scan files - there is the ability to scan “Files and Folders permissions” and “UnAuthorize File changes”. For this you need simply click on the “Scan Now” button opposite the necessary option on the “Scan File” tab. After the scan is finished, you will see the scan result on the right from the button. If issues will be found, you'll see them at the bottom of the page and will be able to fix them. 
On other tabs you can find a lot of options for protect your website, such as Capcha on login, Admin IP login protection, Hide server info, 404 Black list detection, Disalow user site on other domains in iframe and many others, which you can easily activate by clicking on the appropriate checkbox option. Don't forget to press the "Save" button. 
It is also possible to monitor and analyze information, that may protect your website, on the Statistics tab; check your server mail functionality and see your system info on the System tab.

= To install a plugin via FTP, you must =

1. Download the plugin
2. Unarchive the plugin
3. Copy the folder with plugin
4. Open ftp \wp-content\plugins\
5. Paste the plug-ins folder in the folder
6. Go to admin panel => open item "Plugins" => activate the plugin 

NOTE: Dont forget to using backup as the one of the most effective way to defence your website

== Screenshots ==

1. [Security by Supsystic](http://supsystic.com "WordPress Security Plugin") - secure alerts and notifications page

== Other Notes ==

= Security by Supsystic Features and Security Settings =
 
Security by Supsystic implies one-click setup method instead of breaking up options and settings into multiple separate different options and settings. One-click means figurative not literal usage, described in the concept meaning several tasks being performed through one button click. Security Modes setup takes only four clicks to perform website maximum safety established by the complex set of the Security by Supsystic security features and codes. Security Supsystic Custom Code feature allows to perform:

* customization,
* whitelisting,
* adding Security by Supsystic Custom Code,
* adding other personal custom .htaccess code

= htaccess Core Website Security (Security/Firewalls) =

WordPress Website Security Protection is performed by means of Security by Supsystic method to shield the website from numerous hacking attempts. The .htaccess security filters developed for the Security by Supsystic are designed especially to match various ill-natured hacking attacks to shield the website working options and server resources from negative impact as in "Action Approach".

= Login Security & Monitoring Website Security (Security/Monitoring) =

There are Log All User Account Logins, Log Only User Account Lockouts, Brute Force Login Security Protection. There are five various options for e-mail alerting depending on the occasion.

= DB Backup: Database Backup Website Security (Security/Backup) = 

Data Base Backup options and settings as well as default setup are automatically performed during upgrades and up-to-dated installations. There are several Data Base Backup variations (Backup zipped files are e-mailed):

* manual backup,
* scheduled backup,
* selective database table backup,
* full database backup.

= Security by Supsystic is Website Performance Optimized (Performance/Optimization) =

Security by Supsystic is website performance optimizer and it does not do the following:
1.     abuse the WordPress Database by making excessive MySQL Queries,
2.      store excessive and non-essential data in the WordPress Database,
3.     use excessive Server Memory and Resources.
4.     use gimmicks / bells / whistles to let the website perform at a good level.
Security by Supsystic using Speed Boost Cache Bonus Code may speed up and in a way improve the website performance.

= FrontEnd/BackEnd Maintenance Mode (Security/Development) =

It has a website visitor Countdown Timer; when it has counted down to a zero an e-mail will be sent with a corresponding notification. The new Security by Supsystic Maintenance Mode consists of twenty background images and fifteen center images. The switch between the two modes is performed very easy and quick.

FrontEnd Maintenance mode - is primarily designed for development and maintenance purposes
BackEnd Maintenance Mode - is technically a security feature enabling BackEnd Maintenance Mode to deny access to the /wp-admin folder/WP Dashboard by IP address.

= The .htaccess (distributed Server configuration files) Website Security =

The .htaccess files are to be the first processed before any other codes on the website, meaning that any hacker menacing scripts are to be intercept and stopped by the Security by Supsystic .htaccess files/Firewalls (specified for the Apache Linux Servers) before they have a chance to get to the php code in the WordPress.

== Changelog ==

= 1.0.8 / 24.04.2015 =
 * Modified functionality for hiding wp-admin area.
 * Correct auth url for sms auth
 * Added video tutorial

= 1.0.7 / 20.02.2015 =
 * Fix some issues in admin area for DEBUG mode enabled
 * Some fixes for admin sticky bars
 * Additional core code improvements

= 1.0.6 =
 * Added admin login statistics (IP, User ID, Email, Date)
 * Core improvements
 * Minor issues fix for DEBUG mode enabled
 * Minor design issues fix (popup buttons color)

= 1.0.5 =
 * Remove unused files - make plugin more lighter
 * PRO version pre-integration
 * Additional core improvements

= 1.0.4 =
 * Optimize plugin installation
 * New option - Hide server info
 * Additional code improvements

= 1.0.3 =
 * Minor issues fix
 * Small readme corrections

= 1.0.2 =
* Added tooltips with different security descriptions
* Custom select list for countries in Blacklists