Aug 152014
 

All In One WP Security And Firewall Maintenance helps you setup the website on lock down to prevent visitors viewing your site.

Last Updated: April 2, 2019

Latest News: I updated a link in the end of the documentation.

When you update your site, sometimes you need some time to carry out your updates. This can be related to adding new plugins, tweaking your theme and other areas that might require your attention. Lucky for you All In One WP Security has the Maintenance feature included. This allows you to set your site in maintenance mode wile you carry out all your updates and jobs. You can even make your site a private blog if you want. You can read more about it below.

Note: You might also like to read the following documentation How To Make A WordPress Blog Private.

All In One WP Security And Firewall Maintenance

Step 1 ) Click on WP Security -> Maintenance to lock down your website while you perform some maintenance. Remember that you can personalize your message and you can even include some link to a private or another website. See image below.

Visitor Lockout

  • Enable Front-end Lockout

A media button for wp editor in maintenance settings page was added.

all-in-one-wp-security-visitor-lockout

Note: When you enable the above feature you will not be able to login via wp-admin.php file. You have to log in via wp-login.php only with admin privileges. However if you enable Rename Login Page under Brute Force tab you will have to enter the secret word to log into your admin panel.

Maintenance FAQ

Q1 Is it possible to force the server reply HTTP 200 even in maintenance mode when performing a cron?

Answer: No. Currently the maintenance mode will always reply back with Http 503. The exception to this rule is if a logged-in visitor tries to view a front-end page/post.

===================================

Miscellaneous Settings

Step 2 ) Go to WP Security -> Miscellaneous to set up the following options. See image below.

Miscellaneous Settings

  • Copy Protection
  • Frames
  • Users Enumeration
  • WP REST API

all-in-one-wp-security-miscellaneous-new

Copy Protection

Step 3 ) Go to WP Security -> Miscellaneous -> Copy Protection to set up Copy Protection on your website. See image below.

Copy Protection

  • Enable Copy Protection
  • Click on Save Copy Protection Settings once you complete this option.

all-in-one-wp-security-miscellaneous-copy-protection

Frames

Step 4 ) Go to WP Security -> Miscellaneous -> Frames to up the following option. See image below.

Frames

  • Enable iFrame Protection
  • Click on Save Settings once you complete this option.

all-in-one-wp-security-miscellaneous-frames

Users Enumeration

Step 5 ) Go to WP Security -> Miscellaneous -> Users Enumeration to up the following option.

Users Enumeration

  • Disable Users Enumeration = For example if someone types yoursite.com/?author=3 they will see the following error message Accessing author info via link is forbidden, when enabled.
  • Click on Save Settings once you complete this option.

Note: There was an issue with this feature as pointed out in the following forum post. That is why the developers separated this feature from WP REST API below.

all-in-one-wp-security-miscellaneous-user-enumeration

WP REST API

Step 6 ) Go to WP Security -> Miscellaneous -> WP REST API to set up the following option.

WP REST API

  • Disallow Unauthorized REST Requests: = When enabled, the WP REST API protects against queries made to the rest api. eg: http://yoursite.com/wp-json/wp/v2/.
  • Click on Save Settings once you complete this option.

Click on the following link Delete Spam to continue configuring the plugins settings.

If you have any questions please let me know.

Enjoy.

All In One WP Security & Firewall Plugin Tutorial List

Manuel Ballesta Ruiz is a web developer, Blogger and WordPress Enthusiast.

 Leave a Reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

(required)

(required)