Jun 032014

All In One WP Security And Firewall Dashboard tutorial helps you setup this great and powerful plugin which covers many WordPress security areas.

Last Updated: April 16, 2019

Latest News: I updated the documentation.

This post talks about the dashboard in the plugin and what it function means. The dashboard shows you your sites back-end activities. These are activities are related to your members and users in the background and also your visitors. This information is very handy because it can help you investigate fishy activities in your website and more.

When you log in, the dashboard should be the first area you check before you start working in your site.

All In One WP Security And Firewall Dashboard

Step 1 ) Click on WP Security -> Dashboard. The following image displays the different tabs available for you to set up and check.


AIOWPS Dashboard

  • Dashboard
  • System Info
  • Locked IP Addresses
  • Permanent Block List
  • AIOWPS Logs

Security Strength Meter

Step 2 ) The following image Security Strength Meter displays a metered reading of the different security features enabled in the plugin. A visual display of the meter reading is important for those who want to know what security settings have been enabled. It works great as a guide.

Security Strength Meter

  • Total achievable points: 505.
  • Current score of your site: 70.

Information: The reading below in the meter is just an example. Your meter reading will be different.


Security Points Breakdown

Step 3 ) The following image Security Points Breakdown shows you what percentage your current security settings represents in the overall settings.

Security Points Breakdown

  • It displays the overall percentage and the different levels of security set up.

Information: The breakdown reading below is just an example. Your breakdown reading will be different.


Step 4 ) The following image Critical Feature Status shows you straight away some of the most critical security settings that should be configured straight away.

Critical Feature Status

  • Admin Username
  • Login Lockdown
  • File Permission
  • Basic Firewall


Step 5 ) The following image Maintenance Mode Status allows you to put your site in maintenance mode.

Important: Make sure you deactivate maintenance mode once you have completed your work.


Step 6 ) The following image Logged In Users lets you know if there are other users logged into your website. This is very handy to know especially if you are planning on doing some development work in the site. Knowing if there are other users logged in, allows you to notify them straight away before you begin.


Step 7 ) The following image Locked IP Addresses lets you know if anyone has being locked out from your site.


Step 8 ) The following image Last 5 Logins displays who was logged in, in the last 5 times.


System Info Tab

Step 9 ) The following tab System Info lets you know your current sever settings. This is vital information to know especially when you come across compatibility problems between plugins and or your theme.

System Info Tab

  • Site Info
  • PHP Info
  • Active Plugins

Locked IP Addresses Tab

Step 10 ) The Locked IP Addresses tab lets you view all the IP addresses of locked out visitors who attempted to log in with an account.

Step 10-a ) The following image shows two options you can carry out when IP addresses have been locked out. You can select whether to Unlock or Delete the locked out IP address.

Difference Between Unlock and Delete

  • “Unlock” = Unlock will release the locked status and hence allow that IP address to access the site again. (However the row containing that IP address will still remain in the login_lockdown DB table).
  • “Delete” = Delete will also allow access for that IP address but this is because the row entry for that IP address is totally deleted from the login_lockdown DB table.

Sometimes people want to keep medium or long term records of all locked IP ranges and the corresponding data for investigation purposes which is why we have the unlock command. If you simply want to unlock an address and don’t want to keep that record in the DB then use the delete option.

PS: The developers in the near future will improve the unlock table so you can also see the previously unlocked records which are still in the DB. In the meantime you can view these records via PHPMyAdmin.


Permanent Block List

Step 11 ) The Permanent Block List tab lets you view all the IP addresses that have been blocked permanently in your site. To learn more about this feature you might like to read the following URL Spam Prevention.

Permanent block list serves as a general IP blocking list similar to the blacklist but the difference is that the blacklist uses only .htaccess directives to block IPs whereas the permanent block list works at the PHP level independent of .htaccess.

In other words the permanent block list will be an alternative to the blacklist and will cater for people who don’t have an Apache style server installation.

Note: The permanent block list was added to cater for the following.

  • Auto blocking of comment spammers – go to SPAM Prevention -> Comment SPAM IP Monitoring tab. You can enable auto blocking of comment spammer IPs based on minimum spam comments they produce.
  • Spammers who register for wordpress accounts and are manually blocked by the administrator – Go to User Registration -> Manual Approval tab. If the manual approval checkbox is selected, this tab will list those users pending approval and you can block selected IP addresses permanently.


Step 12 ) The following image AIOWPS Logs allows you to select and view the following options.


  • wp-security-log
  • wp-security-log-cron-job


Click on the following link Settings to continue configuring the plugins settings.

If you have any questions please let me know.


All In One WP Security & Firewall Plugin Tutorial List

Manuel Ballesta Ruiz is a web developer, Blogger and WordPress Enthusiast.

  6 Responses to “All In One WP Security And Firewall Dashboard”

  1. Using your latest version, the Import/Export tab is missing. How do I enable this?

    Plugin Version: 3.7.7
    WP Version: 3.9.1
    WPMU: No
    MySQL Version: 5.5.37

    • Hi Bob, thank you for your question.

      Have you tried to deactivate all other plugins to see if the Import/Export tab shows? If that does not fix the problem, try one of WordPress default theme like Twenty Fourteen and see if works.

      Kind regards

  2. After re designing one of the sites with a new theme (Enigma) the site worked, and now when you try to view it shows the maintenance page and no one seems to be able to view the site. I have disabled the maintenance and have wiped the text on that page, but it still appears. It has been a week and don’t really want to switch the wp security off to test. Any idea?
    Thank you
    ps. It did the same with the old version of WP and as the last resort I have updated to the latest with no results

  3. Hello,

    You have a great plugin thank you, however yesterday I made some additional changes to your features, brute force to get a better score and today I can’t access my site. I get the 127 page. I looked in wp support and I watched the FTP video and deactivated all of my plugins but I still don’t have access and now I believe my entire site is down.

    You mentioned replacing the .htaccess file, but I’m not sure how to do this.

    Please can I get some advice, Thanks
    Dwight Pretulac

    • Hi Dwight Pretulac, thank you for your question. I did check your website above and your site is working.

      Please check the following link and focus on question 11.

      Once you have totally removed the plugin, install it again and don’t enable any of the Brute Force features. First disable all your other plugins except this one then activate the Brute Force feature you had problems with. Test to make sure it is working, if it is then start enabling one by one your other plugins and at the same time check to make sure you still have access. Carry out this until you come across the conflicting plugin.

      Let me know if you need more help.


 Leave a Reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>