=== 🛡️ Ultimate Security - Robust WordPress Protection Without the Complexity === Contributors: programmelab, wpultimatesecurity Tags: Security Dashboard, IP restriction, 2FA, Anti-bot Requires at least: 5.4 Tested up to: 6.8.2 Requires PHP: 7.0 Stable tag: 1.0.4 License: GPLv2 or later License URI: https://www.gnu.org/licenses/gpl-2.0.html Ultimate WordPress security plugin with Overview dashboard, Password policy, Anti-bot, Plugins/Themes update manager, IP blocking, and more. == Description == Ultimate Security transforms your WordPress site into a fortress. Preventing bad actors from your site and keep it secure. https://www.youtube.com/watch?v=g8qy4Ayr1Ko 🚨 The Problem Every WordPress Site Faces Did you know that 90,000 WordPress sites are hacked every minute? Most security plugins either overwhelm you with complexity or lock essential features behind expensive paywalls. You shouldn't have to choose between security and simplicity. ✅ The Solution: Ultimate Security Ultimate Security is a WordPress security plugin that gives you website-level protection with beginner-friendly controls. Built by WordPress professionals who were tired of bloated, subscription-based alternatives. ✨ Set up complete protection in under 3 minutes ✨ Zero ongoing costs—own your security forever ✨ Your data stays on YOUR server ✨ Modular design—activate only what you need ✨ Performance-optimized plugin won't slow down your site ✅ Stay informed with comprehensive logging and reporting: - Visual dashboard shows WordPress status in real-time - Issues, Critical Threats, Securiy status directly from dashboard - File integrirty check for modified, unkown files ✅ Login - Active login session settings for users. - Login URL masking hides your admin area completely. - Apply robust password policy for all users. - Email Two Factor authentication for extra security - Enable Authenticator application for your users, ✅ Security: - Antibot settings such as Recatpcha, Cloudflare turnstile. - Limit login attempts for your users - WordPress salt change option. Apply new salts from WordPress.org API. - URL guard monitors all your URLS and helps your block/allow specific URL logs. - Keep everything up to date using our update manager policies. ✅ Restrictions: - Allow/block IP to your WordPress site. Redirect them to something specific or block them completely. - Use the debug log to check if IP ✅ More: - Get an overview of your site health. - Backup/restore your settings for another site. - Extra options for our users. 📊 Results from Our Users "After installing Ultimate Security, brute force attempts dropped to my longshot." - Sarah M., Agency Owner "Finally, a security plugin that doesn't require you to be a developer to configure." - Mike T., Small Business Owner "The session management alone is worth it." - Jennifer K., E-commerce Manager 🚀 Quick Start Guide - Installation (2 minutes) - Upload the plugin files to /wp-content/plugins/ultimate-security - Activate the plugin through the 'Plugins' menu - Navigate to Ultimate Security in your admin menu - Configure the security settings as per your requirements 🔐 Whether you're a beginner or a seasoned admin, this plugin gives you a modular, lightweight, and privacy-first way to take back control of your site's security. 💬 Need Help? Got a question? Need help using the plugin? Ask your questions directly in the plugin support section. You can mail us to [support@wpultimatesecurity.com](mailto:support@wpultimatesecurity.com) --- 🔗 External Services Disclosure Cloudflare Turnstile What is sent: The visitor’s Turnstile response token and your site’s secret key. When it’s sent: Only when a user submits a form protected by Turnstile (login, registration, comment, etc.). Service used: Cloudflare Turnstile Verification API — https://challenges.cloudflare.com/turnstile/v0/siteverify Data sent: Token string and secret key; Cloudflare may record the visitor’s IP address, user‑agent, and behavioural signals per their policy. Privacy Policy: https://www.cloudflare.com/privacypolicy/ Google reCAPTCHA What is sent: The visitor’s reCAPTCHA response token and your site’s secret key. When it’s sent: Only when a user submits a form protected by reCAPTCHA. Service used: Google reCAPTCHA API — https://www.google.com/recaptcha/api/siteverify Data sent: Token string and secret key; Google may collect device, browser, and usage data as described in their policy. Privacy Policy: https://policies.google.com/privacy Privacy Policy The restricted IP information is stored on your server. No information is transmitted to third parties or remote server locations. == Installation == 1. Upload the plugin files to the /wp-content/plugins/ directory, or install the plugin through the WordPress plugins screen directly. 2. Activate the plugin through the ˜Plugins™ screen in WordPress. 3. Go to the dashboard -> "Ultimate Security" and you will find the customization options. 4. Customize the configuration options and apply the settings. == Frequently Asked Questions == = What is Ultimate Security? Ultimate Security is a WordPress plugin that allows website admins to easily configure website security best practices. = Will this slow down my site? No. Ultimate Security is performance-optimized and adds less than 0.1s to page load times. Most users see no measurable impact. = Is it compatible with my theme/plugins? Yes. We've tested with 100+ popular themes and plugins. The modular design means you can disable any feature that conflicts. = Do I need technical knowledge Not at all. The setup wizard handles everything. Advanced users can dive into detailed configurations, but it's not required. = What about updates and support? We provide support via WordPress.org forums. = Can I use this on client sites? Absolutely. No license restrictions. Use on unlimited sites. = Is Ultimate Security compatible with WooCommerce? Ultimate Security is tested to work effectively with WooCommerce and its features. While we aim for complete compatibility, if you encounter any issues, our support team is available to assist you. = Can I use it alongside Wordfence or Sucuri? = Yes, but you should disable duplicate modules to prevent double blocking. = How do I regain access if locked out by the firewall? = Via SSH or file manager (FTP/sFTP) of your WordPress site, deactivate the plugin, or rename the plugin folder. == Screenshots == == Changelog == = 1.0.4 = * Design change and updated settings page.