All In One WP Security Miscellaneous Settings

Aug 092019

All In One WP Security And Firewall Miscellaneous Settings helps you activate the following options copy protection, frames and more.

Last Updated: March 24, 2023

Latest News: Updated the documentation.

AIOWPS plugin has a miscellaneous section that allows you to further protect your site by activating one or all of the following features. However make sure you read carefully what each feature does before you enable them. The miscellaneous section will keep on growing in time with future updates.

Miscellaneous Features:

Copy Protection = This feature allows you to disable the ability to select and copy text from your front end. When admin user is logged in, the feature is automatically disabled for his session.
Frames = This feature allows you to prevent other sites from displaying any of your content via a frame or iframe. When enabled, this feature will set the “X-Frame-Options” parameter to “sameorigin” in the HTTP header.
Users Enumeration = This feature allows you to prevent external users/bots from fetching the user info with urls like “/?author=1”. When enabled, this feature will print a “forbidden” error rather than the user information.
WP REST API = This feature allows you to block WordPress REST API access for unauthorized requests. When enabled this feature will only allow REST requests to be processed if the user is logged in.

What you need:

All In One WP Security And Firewall

All In One WP Security And Firewall Miscellaneous Settings

Step 1 ) Go to WP Security -> Miscellaneous admin tab as illustrated in the image below.

Step 2 ) The following image Miscellaneous allows you to set up the following options.

Miscellaneous Admin Tabs

Copy Protection
Frames
User Enumeration
WP REST API
Salt

all-in-one-wp-security-miscellaneous-tabs

Copy Protection

Step 3 ) Go to WP Security -> Miscellaneous -> Copy Protection as illustrated in the image below to activate the following option.

Copy Protection Option

Enable Copy Protection
Click on Save Copy Protection Settings button once you complete this option.

Frames

Step 4 ) Go to WP Security -> Miscellaneous -> Frames as illustrated in the image below to activate the following option.

Frames Option

Enable iFrame Protection
Click on Save Settings button once you complete this option.

all-in-one-wp-security-miscellaneous-frames-settings

Users Enumeration

Step 5 ) Go to WP Security -> Miscellaneous -> Users Enumeration as illustrated in the image below to activate the following option.

Users Enumeration Option

Disable Users Enumeration = Note: When enabled and they type yoursite.com/?author=3 they will see the following error message Accessing author info via link is forbidden.
Click on Save Settings button once you complete this option.

Note: There was an issue with this feature as pointed out in the following forum post. That is why the developers separated this feature from WP REST API below.

all-in-one-wp-security-miscellaneous-users-enumeration

WP REST API

Step 6 ) Go to WP Security -> Miscellaneous -> WP REST API as illustrated in the image below to activate the following option.

WP REST API

Disallow Unauthorized REST Requests: = Note: When enabled, the WP REST API protects against queries made to the rest api. eg: http://yoursite.com/wp-json/wp/v2/. They will see the following error message You are not authorized to perform this action.
Click on Save Settings button once you complete this option.

Important: Make sure you read the following message before you enable this feature.

Beware that if you are using other plugins which have registered REST endpoints (eg, Contact Form 7), then this feature will also block REST requests used by these plugins if the user is not logged in. It is recommended that you leave this feature disabled if you want uninterrupted functionality for such plugins.

Salt

Step 7 ) Go to WP Security -> Miscellaneous -> Salt as illustrated in the image below to activate the following option.

Salt Option

Enable salt postfix: = Check this if you want to enable the salt postfix feature. These salt posfixes are changed every week by a scheduled job.

all-in-one-wp-security-miscellaneous-salt

========================================

The above features create extra security protection in your site.

If you have any questions please let me know.

Enjoy.

All In One WP Security & Firewall Plugin Tutorial List

All In One WP Security And Firewall Plugin.

Share this post:

Twitter Facebook Pinterest LinkedIn Email

I have been working in IT since 1999 and I enjoy the challenges it brings me. I love developing websites with WordPress. I spend a lot of time helping out in wordpress.org forums. I have been writing tutorials since 2011. Now I am learning how to manage my own VPS "Virtual Private Server.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Mbrsolution