Security Audit

A WordPress security audit plugin

Wordpress Plugin for Security Audits

Wordpress Plugin to run a security audit on your server and websites.

Check WordPress security settings

Built by Cloud Security experts

Secure your website

Check for software updates

Check for theme updates

Technologies We Use:

Built-in Cloud Security Expertise

Our tool is built with years of cloud security experience and expertise, ensuring that your website stays protected from threats.

Easy ON and Off Buttons

Quickly turn security features on or off with just a click of a button. Our tool is designed to make security management a breeze, even for those with little technical expertise.

Check your security

Our tool allows you to run a security scan at any time, giving you the peace of mind that your website is secure from potential vulnerabilities.

Safer Website

Feel safer knowing that our security tool was built by experienced security experts who have a deep understanding of website vulnerabilities and how to protect against them.

Simple And Flexible Pricing

14 day money back guarantee. Annual and monthly plans available.

Monthly Billing

Starter

Save 20%

$62.49

USD/month/server

$49.99 _{USD/month/server}

Billed as $499.99 USD per year

Quick Update Buttons
In language install instructions
Certified security engineers
1 weekly scheduled scan

Select Monthly

Advanced

Favorite Save 25%

$133.32

USD/month/server

$99.99 _{USD/month/server}

Billed as $999.99 USD per year

Quick Security Change Buttons
Plugin install support
1 daily scheduled scan

Select Monthly

Enterprise

Save 30%

$285.70

USD/month/server

$199.99 _{USD/month/server}

Billed as $1,999.99 USD per year

Password Audit Check
We can install plugin
Unlimited scheduled scans

Select Monthly

Compare Pricing Packages

	Starter	Advanced	Enterprise
Advertisement free
Branding free
2FA Check
24/7 Ticket Support
Premium Customer Support
Plugin and Theme Vulnerability Monitoring
Check MySQL or MariaDB version
Check for HTTP to HTTPS Redirect
37 total checks
Over 100 languages supported
Quick Update Buttons
Quick Security Change Buttons
Password Audit Check
In language install instructions
Plugin install support
We can install plugin
Certified security engineers
1 weekly scheduled scan
1 daily scheduled scan
Unlimited scheduled scans
More features - coming soon

The above prices do not include applicable taxes based on your billing address. The final price will be displayed on the checkout page, before the payment is completed

Accepted payment methods

Money Back Guarantee

Try Security Audit for 14 days with our money back guarantee.

SSL Encrypted Payment

Your information is protected by 256-bit SSL encryption.

Try Security Audit for 14 days with our money back guarantee.

Get Started Now

Have Questions?

We are happy to answer your questions. Check the list or email us if you have other questions.

How to I change security settings?

We recommend upgrading to our paid plugin which allows you to quickly and easily adjust your settings. Otherwise you can make the changes manually throughout your configuration files.

Does the security audit plugin work with MySQL or MariaDB?

Yes the plugin works with both database systems.

How can checking for frame options improve the security of WordPress?

High risk. Clickjacking attacks can give attackers control over a user's clicks, potentially allowing them to steal sensitive information. Implementing X-Frame-Options header is crucial to prevent these attacks.

What are the risks of not checking for abandoned plugins in WordPress?

High risk. Abandoned or outdated plugins can be a security risk, as vulnerabilities in these plugins are often not patched or fixed, leaving websites exposed to attacks.

What can happen if the PHP version is not checked in WordPress?

High risk. Running an outdated version of PHP can lead to security vulnerabilities and potential attacks.

How can checking the WordPress core version help improve the security of WordPress?

High risk. Running an outdated version of WordPress can leave the website vulnerable to known security issues that have been patched in newer versions.

How does checking for HSTS benefit WordPress?

Medium risk. Implementing HTTP Strict Transport Security (HSTS) is important to protect against protocol downgrade attacks, which can allow attackers to intercept and manipulate user data.

How can checking for core updates improve the security of WordPress?

High risk. Outdated WordPress versions are often targeted by attackers who exploit known vulnerabilities. Keeping the website up-to-date with the latest features and improvements is crucial for website security.

What can happen if plugin updates are not checked in WordPress?

High risk. Running outdated plugin versions can be a security risk, as vulnerabilities in these plugins are often targeted by attackers. Keeping the website up-to-date with the latest features and improvements is crucial for website security.

How does 2FA enhance the security of WordPress?

Medium risk. Enabling two-factor authentication (2FA) provides an additional layer of security by requiring users to provide a second form of authentication in addition to their username and password.

In what ways can enabling XML-RPC 2FA benefit WordPress?

Medium risk. Securing access to the website's resources through remote APIs is important, and enabling 2FA for XML-RPC authentication can provide an extra layer of security.

How can checking the admin login URL improve the security of WordPress?

Medium risk. Using a custom URL for the administrator login page can help prevent automated attacks that target the default WordPress login page.

How can checking for image hotlinking benefit WordPress?

Low risk. Preventing hotlinking can help reduce bandwidth usage and prevent others from using the website's images without permission.

What are the risks of not checking extended PHP file editing in WordPress?

High risk. Disabling extended PHP file editing is an additional security measure to prevent attackers from modifying PHP files on the server. If this feature is not disabled, it can be exploited by attackers to gain unauthorized access to the server and steal sensitive information.

What are the risks of not checking for iframe blocking in WordPress?

Medium risk. Blocking iframes from external sources can help prevent clickjacking attacks that can allow attackers to control user clicks and potentially steal sensitive information. However, some legitimate uses of iframes may be blocked, and it may not be a foolproof solution as attackers can use other techniques to achieve the same results.

What are the consequences of not checking for disabled feeds in WordPress?

Low risk. Disabling RSS and Atom feeds on the website can help prevent sensitive information from being exposed, but it is not a critical security measure. Enabling feeds can provide benefits such as improved website traffic and search engine visibility.

What are the risks of not checking for a hidden login page in WordPress?

Medium risk. Using a hidden login page can make it more difficult for attackers to find the login page and launch automated attacks, but it may not be a foolproof solution. Attackers can still discover the login page through other means, such as through information disclosed in the website's source code.

In what ways can checking for pingback headers benefit WordPress?

Low risk. Enabling pingback headers on the website can be used to launch DDoS attacks and should be disabled unless it is specifically needed. It is not a critical security measure, but it can help prevent the website from being targeted by attackers attempting to exploit this feature.

How can checking for file editing benefit the security of WordPress?

High risk. Disabling file editing in the WordPress dashboard is an important security measure to prevent attackers from modifying files on the server through vulnerabilities in plugins or other web applications. Allowing file editing can enable attackers to upload and execute malicious code on the server.

How can checking for error reporting in wp-config improve the security of WordPress?

Medium risk. Verifying whether error reporting is disabled in the website's wp-config.php file is crucial for safeguarding sensitive information from being exposed through error messages. However, it may also pose a challenge in identifying and resolving errors on the website.

How can checking for PHP execution improve the security of WordPress?

High risk. Confirming whether PHP code can be executed in the website's upload directories is essential for detecting and preventing attackers from uploading and running malicious code on the server.

How can checking for the themes version benefit WordPress?

Medium risk. Inspecting whether the installed themes on the website are running outdated versions is important, as these themes may contain unpatched vulnerabilities that leave websites open to attacks. However, this may not pose a significant risk if the website is not using outdated themes.

How can checking for plugin integrity improve the security of WordPress?

High risk. Ensuring the integrity of the installed plugins on the website by verifying their file checksums is a crucial step in preventing attackers from compromising the website through malicious plugins.

Why do I need to audit the security of my WordPress website?

WordPress has many security settings that are not enabled by default. You may not be aware of many of them. The tool runs a check to show you the status of your settings and software versions.

Does the security audit plugin work with Nginx or Apache?

Yes the plugin works with both Nginx and Apache.

Was the plugin built with security expertise?

Yes we have extensive experience in Cloud security at the Enterprise level. An advantage of the plugin is you do not need to be the security expert yourself.

In what ways can checking for content type options benefit WordPress?

Medium risk. Interpreting content as a different MIME type than what is specified can lead to vulnerabilities such as cross-site scripting. Implementing X-Content-Type-Options header is important to prevent such attacks.

How does checking for XSS protection make WordPress plugins more secure?

Medium risk. Cross-site scripting attacks can inject malicious code into a website and compromise user data. Implementing X-XSS-Protection header can protect against such attacks.

What risks are associated with not checking the MySQL version in WordPress?

High risk. Using an outdated version of MySQL can also lead to security vulnerabilities and potential attacks.

What are the consequences of not checking the versions of installed plugins in WordPress?

High risk. Running outdated plugin versions can lead to security vulnerabilities and potential attacks.

What risks are associated with not checking for secure cookies in WordPress?

Medium risk. Using secure cookies is important to prevent attackers from stealing or manipulating user session data through cookie theft or injection.

How does checking the automatic updater benefit WordPress?

High risk. Configuring the website's WordPress installation to automatically update to the latest version can ensure that security patches are applied in a timely manner, reducing the risk of vulnerabilities being exploited.

Why is it important to check for the Application Passwords plugin in WordPress?

Medium risk. Using the Application Passwords plugin is important for protecting user data and preventing unauthorized access to the website's resources.

How does login captcha checking improve the security of WordPress?

Medium risk. Using CAPTCHA on the website's login page can help prevent brute force attacks by requiring users to prove that they are human.

What are the risks of not checking the default admin username in WordPress?

Medium risk. Using the default WordPress "admin" username is a common target for attackers as it is a well-known default username that is often left unchanged. Changing it to something more unique is an important security measure.

What risks are associated with not checking the table prefix in WordPress?

Medium risk. Using a custom database table prefix can help prevent SQL injection attacks by making it more difficult for attackers to predict the names of the database tables.

Why is it important to check for PHP file editing in WordPress?

High risk. Preventing attackers from modifying critical PHP files on the server through vulnerabilities in plugins or other web applications is crucial for the website's security. Allowing PHP file editing can enable attackers to upload and execute malicious code on the server.

How can checking for comment captcha enhance the security of WordPress?

Medium risk. Using a CAPTCHA on the website's comment form can help prevent automated spam comments, but it may not be a foolproof solution. Automated tools can bypass CAPTCHAs, and it can also inconvenience legitimate users who need to prove that they are human.

How can checking for right-click disabled improve the security of WordPress?

Low risk. Disabling right-clicking on the website can be used to prevent users from copying or saving images and other content, but it is not a reliable security measure. Knowledgeable users can easily bypass this restriction using keyboard shortcuts or other methods.

How can Fail2Ban benefit WordPress?

High risk. Installing and configuring the Fail2Ban service on the website's server can help prevent brute force attacks by automatically blocking IP addresses that have repeatedly failed login attempts. Without this service, the website is at risk of being targeted by attackers attempting to guess user passwords.

How can checking for enabled pingbacks improve the security of WordPress?

Low risk. Enabling pingbacks on the website can provide benefits such as improved website traffic and search engine visibility, but it can also be used to launch DDoS attacks. It is not a critical security measure, but it may be disabled if not specifically needed.

What are the consequences of not checking the file editor in WordPress?

High risk. Disabling the file editor in the WordPress dashboard is an important security measure to prevent attackers from modifying critical PHP files on the server through vulnerabilities in plugins or other web applications. Allowing file editing can enable attackers to upload and execute malicious code on the server.

What are the risks of not checking error reporting in WordPress?

Low risk. Disabling error reporting on the website can help prevent sensitive information from being exposed through error messages. However, it can also make it more difficult to troubleshoot and fix errors on the website.

What are the benefits of disabling trackbacks in WordPress?

Low risk. Ensuring that trackbacks are disabled on the website is important in preventing spam and other malicious activities associated with this feature, but it may not have a significant impact on the overall security of the website.

What are the risks of not checking for TimThumb in WordPress?

Medium risk. Checking whether the TimThumb script is being used on the website is important, as it is known to have security vulnerabilities that can be exploited by attackers. However, this may not pose a significant risk if the website is not using this script.

What are the risks of not checking for theme updates in WordPress?

Medium risk. Checking whether there are any available updates for the installed themes on the website is crucial for maintaining website security and keeping up-to-date with the latest features and improvements. However, this may not pose a significant risk if the website is already up-to-date.

Have more questions? Ask your question here

Security Audit is used in many different ways

You can use Security Audit in different industries, professions, and organizations. It is a useful tool to meet your goals.

As an entrepreneur, you're always on the go and don't have much time to spare. However, you still care about your customers and your reputation. Keep your website secure with ease by auditing the security settings.

Entrepreneur

Make security simple with our WordPress firewall and audit tool

Your online reputation is impacted by your website. Keep your website secure with ideal settings and keeping it updated.

Blogger

Secure your website traffic

You set the tone for professionalism. You care what the customers see and your reputation. Keep your website secure by auditing the security settings.

CEO Chief Executive Officer

Security is important

You care about the safety of your website and messaging. Keep the website secure by auditing important security settings and components.

CMO Chief Marketing Officer

Website security affects reputation

Your product's reputation is impacted by your website. Keep your system secure by setting ideal settings and keeping the system updated.

Product Manager

Website security affects the product

Your online reputation is impacted by your website. Keep your website secure with ideal settings and keeping it updated.

Social Media Influencer

Stay safe and stay online

You have very little time but you also care what the customers see and your reputation. Keep your website secure by auditing the security settings.

Website Owner

Secure the website you own

You have very little time but you also care what the customers see and your reputation. Keep your website secure by auditing the security settings.

WordPress Developer

Secure the website you built

Keep your website secure by auditing the security settings. Different package levels handle additional items for you.

CTO Chief Technology Officer

Security must be audited

Keep your website secure by quickly auditing your security settings. We offer easy-to-use security features built with Cloud security experience and expertise to save you time and keep your website safe.

Entrepreneur

Security is needed fast

As a small business owner, you understand the importance of protecting your customers' data and your business's reputation. Keep your website secure by auditing your security settings with our easy-to-use tool.

Small Business Owner

Security is crucial for my business

Many Uses for Different Situations

Click to read how Prelaunch is used by others.

Customer	Details	Actions
Entrepreneur	Make security simple with our WordPress firewall and audit tool	Learn more
Blogger	Secure your website traffic	Learn more
CEO Chief Executive Officer	Security is important	Learn more
CMO Chief Marketing Officer	Website security affects reputation	Learn more
Product Manager	Website security affects the product	Learn more
Social Media Influencer	Stay safe and stay online	Learn more
Website Owner	Secure the website you own	Learn more
WordPress Developer	Secure the website you built	Learn more
CTO Chief Technology Officer	Security must be audited	Learn more
Entrepreneur	Security is needed fast	Learn more
Small Business Owner	Security is crucial for my business	Learn more

Security Audit

A WordPress security audit plugin

Technologies We Use:

Built-in Cloud Security Expertise

Easy ON and Off Buttons

Check your security

Safer Website

Simple And Flexible Pricing

Starter

Save 20%

USD/month/server

USD/year/server

Advanced

Favorite Save 25%

USD/month/server

USD/year/server

Enterprise

Save 30%

USD/month/server

USD/year/server

Compare Pricing Packages

Accepted payment methods

Money Back Guarantee

SSL Encrypted Payment

Try Security Audit for 14 days with our money back guarantee.

Have Questions?

How to I change security settings?

Does the security audit plugin work with MySQL or MariaDB?

How can checking for frame options improve the security of WordPress?

What are the risks of not checking for abandoned plugins in WordPress?

What can happen if the PHP version is not checked in WordPress?

How can checking the WordPress core version help improve the security of WordPress?

How does checking for HSTS benefit WordPress?

How can checking for core updates improve the security of WordPress?

What can happen if plugin updates are not checked in WordPress?

How does 2FA enhance the security of WordPress?

In what ways can enabling XML-RPC 2FA benefit WordPress?

How can checking the admin login URL improve the security of WordPress?

How can checking for image hotlinking benefit WordPress?

What are the risks of not checking extended PHP file editing in WordPress?

What are the risks of not checking for iframe blocking in WordPress?

What are the consequences of not checking for disabled feeds in WordPress?

What are the risks of not checking for a hidden login page in WordPress?

In what ways can checking for pingback headers benefit WordPress?

How can checking for file editing benefit the security of WordPress?

How can checking for error reporting in wp-config improve the security of WordPress?

How can checking for PHP execution improve the security of WordPress?

How can checking for the themes version benefit WordPress?

How can checking for plugin integrity improve the security of WordPress?

Why do I need to audit the security of my WordPress website?

Does the security audit plugin work with Nginx or Apache?

Was the plugin built with security expertise?

In what ways can checking for content type options benefit WordPress?

How does checking for XSS protection make WordPress plugins more secure?

What risks are associated with not checking the MySQL version in WordPress?

What are the consequences of not checking the versions of installed plugins in WordPress?

What risks are associated with not checking for secure cookies in WordPress?

How does checking the automatic updater benefit WordPress?

Why is it important to check for the Application Passwords plugin in WordPress?

How does login captcha checking improve the security of WordPress?

What are the risks of not checking the default admin username in WordPress?

What risks are associated with not checking the table prefix in WordPress?

Why is it important to check for PHP file editing in WordPress?

How can checking for comment captcha enhance the security of WordPress?

How can checking for right-click disabled improve the security of WordPress?

How can Fail2Ban benefit WordPress?

How can checking for enabled pingbacks improve the security of WordPress?

What are the consequences of not checking the file editor in WordPress?

What are the risks of not checking error reporting in WordPress?

What are the benefits of disabling trackbacks in WordPress?

What are the risks of not checking for TimThumb in WordPress?

What are the risks of not checking for theme updates in WordPress?

Have more questions? Ask your question here

Security Audit is used in many different ways

Entrepreneur

Blogger

CEO Chief Executive Officer

CMO Chief Marketing Officer

Product Manager

Social Media Influencer