All In One Security (AIOS) plugin helps you setup this great and powerful plugin which covers and protects many WordPress areas.
Last Updated: November 7, 2023
Latest News: Updated the documentation.
All In One WP Security And Firewall Plugin
WordPress is still one of the most popular CMS platforms in 2017. This also means that more hackers are going to try and break into your site. Lucky for you All In One Security (AIOS) is here to protect your site. It has been designed and developed to protect your site from hackers and more.
All In One Security (AIOS) plugin is designed to help those who don’t have any knowledge of security and have no idea how to protect their site using a security plugin. For that reason the developers have added instructions and or information next to each option in the plugin settings. This allows you to read and understand more about each feature before you decide to enable that feature.
Note: These tutorials are based on version 5.2.4 and below. I will be updating any tutorial if changes have been made in the latest version.
All In One Security version 5.2.5 Changelog.
- SECURITY: On a multisite install, if using the AIOS feature for renaming and hiding the login page, a route existed for an attacker to discover the hidden login page, thus negating the usefulness of the feature. Thanks to Naveen Muthusamy for disclosing this defect.
- FEATURE: Block POST requests that have a blank user-agent and referer
- FEATURE: Added reverse IP Lookup data to the login lockdown notification email
- FIX: Prevent a fatal error when setting up the firewall if the host has disabled the function parse_ini_file
- FIX: Prevent the firewall message store from filling up with unused entries
- FIX: Prevent legitimate Googlebot traffic being blocked on sites where the gethostbyaddr function fails or is disabled
- and more.
GDPR (DSGVO) compliance
Currently the plugin developer has replied in the forum to help you with GDPR (DSGVO) compliance questions. Please check the following support threads to learn more. This could change in a future release.
- Data Processing Agreement needed – Developer support thread reply.
- GDPR (DSGVO) compliance – Developer support thread reply.
- Still unclear if GDPR compliant – Developer support thread reply.
- Another answer by the developer for the new owners of the plugin – Developer support thread reply.
What you need:
- All In One Security
- Country Blocking Add-on = Premium add-on. (Optional)
- www.site-scanners.com = This is a premium service which is part of the plugin. (Optional but highly recommended. It is important to keep monitoring your site.)
- Smart 404 blocking Add-on = Premium add-on. (Optional)
WP Security Admin Menu
When you log into your WordPress admin panel, click on WP Security found on your left hand sidebar. You will see an admin menu as illustrated in the image below.
The following list of tutorials provides information about each admin tab. It also shows you how to set up each feature in admin. Some tabs have a number of total points you can gain if you enabled all features with a number value assigned to them. This number is added to the Dashboard Security Strength Meter after you have completed enabling your settings and saved them. The total achievable count in the meter is 545 points. However you will not reach this maximum amount because in some settings you can’t enable all features.
Note: The following image is displayed when you install and activate the security plugin for the first time. This allows you to setup PHP-based firewall or dismiss it. Click on the following link Firewall Advanced Settings to learn more.
All In One WP Security And Firewall Tutorials:
- Settings = Total security strength meter 5 points
- User security = Total security strength meter 90 points
- Database Security = Total security strength meter 10 points
- Filesystem Security = Total security strength meter 50 points
- Blacklist Manager = Total security strength meter 15 points
- Firewall Rules = Total security strength meter 135 points
- Brute Force = Total security strength meter 155 points
- Spam Prevention = Total security strength meter 30 points + 10 more points when BuddyPress and bbPress is installed and activated.
- Scanner = Total security strength meter 20 points
- Miscellaneous = Total security strength meter 35 points
- Two Factor Auth Settings
- Delete Spam
- Pingback Protection Settings
- Custom Rules
- Allow Unlock Request
- How To Reset AIOS Plugin
- Test New Users Registration AIOS
I hope the above information helps you to protect your website.
If you have any questions or need some help, you can leave a message or get in contact with me via my contact form above.