Security Audit
A WordPress security audit plugin
Wordpress Plugin for Security Audits
Wordpress Plugin to run a security audit on your server and websites.
Built-in Cloud Security Expertise
Our tool is built with years of cloud security experience and expertise, ensuring that your website stays protected from threats.
Easy ON and Off Buttons
Quickly turn security features on or off with just a click of a button. Our tool is designed to make security management a breeze, even for those with little technical expertise.
Check your security
Our tool allows you to run a security scan at any time, giving you the peace of mind that your website is secure from potential vulnerabilities.
Safer Website
Feel safer knowing that our security tool was built by experienced security experts who have a deep understanding of website vulnerabilities and how to protect against them.
Simple And Flexible Pricing
14 day money back guarantee. Annual and monthly plans available.
Starter
Save 20%
$62.49
USD/month/server
$624.99
USD/year/server
Billed as $499.99 USD per year
Plus annual savings of $99.89 USD
Quick Update Buttons
In language install instructions
Certified security engineers
1 weekly scheduled scan
Advanced
Favorite Save 25%
$133.32
USD/month/server
$1,333.32
USD/year/server
Billed as $999.99 USD per year
Plus annual savings of $199.89 USD
Quick Security Change Buttons
Plugin install support
1 daily scheduled scan
Enterprise
Save 30%
$285.70
USD/month/server
$2,857.13
USD/year/server
Billed as $1,999.99 USD per year
Plus annual savings of $399.89 USD
Password Audit Check
We can install plugin
Unlimited scheduled scans
Compare Pricing Packages
| Starter | Advanced | Enterprise | |
|---|---|---|---|
| Advertisement free | |||
| Branding free | |||
| 2FA Check | |||
| 24/7 Ticket Support | |||
| Premium Customer Support | |||
| Plugin and Theme Vulnerability Monitoring | |||
| Check MySQL or MariaDB version | |||
| Check for HTTP to HTTPS Redirect | |||
| 37 total checks | |||
| Over 100 languages supported | |||
| Quick Update Buttons | |||
| Quick Security Change Buttons | |||
| Password Audit Check | |||
| In language install instructions | |||
| Plugin install support | |||
| We can install plugin | |||
| Certified security engineers | |||
| 1 weekly scheduled scan | |||
| 1 daily scheduled scan | |||
| Unlimited scheduled scans | |||
| More features - coming soon |
The above prices do not include applicable taxes based on your billing address. The final price will be displayed on the checkout page, before the payment is completed
Accepted payment methods
Money Back Guarantee
Try Security Audit for 14 days with our money back guarantee.
SSL Encrypted Payment
Your information is protected by 256-bit SSL encryption.
Try Security Audit for 14 days with our money back guarantee.
Have Questions?
We are happy to answer your questions. Check the list or email us if you have other questions.
How to I change security settings?
We recommend upgrading to our paid plugin which allows you to quickly and easily adjust your settings. Otherwise you can make the changes manually throughout your configuration files.
Does the security audit plugin work with MySQL or MariaDB?
Yes the plugin works with both database systems.
How can checking for frame options improve the security of WordPress?
High risk. Clickjacking attacks can give attackers control over a user's clicks, potentially allowing them to steal sensitive information. Implementing X-Frame-Options header is crucial to prevent these attacks.
What are the risks of not checking for abandoned plugins in WordPress?
High risk. Abandoned or outdated plugins can be a security risk, as vulnerabilities in these plugins are often not patched or fixed, leaving websites exposed to attacks.
What can happen if the PHP version is not checked in WordPress?
High risk. Running an outdated version of PHP can lead to security vulnerabilities and potential attacks.
How can checking the WordPress core version help improve the security of WordPress?
High risk. Running an outdated version of WordPress can leave the website vulnerable to known security issues that have been patched in newer versions.
How does checking for HSTS benefit WordPress?
Medium risk. Implementing HTTP Strict Transport Security (HSTS) is important to protect against protocol downgrade attacks, which can allow attackers to intercept and manipulate user data.
How can checking for core updates improve the security of WordPress?
High risk. Outdated WordPress versions are often targeted by attackers who exploit known vulnerabilities. Keeping the website up-to-date with the latest features and improvements is crucial for website security.
What can happen if plugin updates are not checked in WordPress?
High risk. Running outdated plugin versions can be a security risk, as vulnerabilities in these plugins are often targeted by attackers. Keeping the website up-to-date with the latest features and improvements is crucial for website security.
How does 2FA enhance the security of WordPress?
Medium risk. Enabling two-factor authentication (2FA) provides an additional layer of security by requiring users to provide a second form of authentication in addition to their username and password.
In what ways can enabling XML-RPC 2FA benefit WordPress?
Medium risk. Securing access to the website's resources through remote APIs is important, and enabling 2FA for XML-RPC authentication can provide an extra layer of security.
How can checking the admin login URL improve the security of WordPress?
Medium risk. Using a custom URL for the administrator login page can help prevent automated attacks that target the default WordPress login page.
How can checking for image hotlinking benefit WordPress?
Low risk. Preventing hotlinking can help reduce bandwidth usage and prevent others from using the website's images without permission.
What are the risks of not checking extended PHP file editing in WordPress?
High risk. Disabling extended PHP file editing is an additional security measure to prevent attackers from modifying PHP files on the server. If this feature is not disabled, it can be exploited by attackers to gain unauthorized access to the server and steal sensitive information.
What are the risks of not checking for iframe blocking in WordPress?
Medium risk. Blocking iframes from external sources can help prevent clickjacking attacks that can allow attackers to control user clicks and potentially steal sensitive information. However, some legitimate uses of iframes may be blocked, and it may not be a foolproof solution as attackers can use other techniques to achieve the same results.
What are the consequences of not checking for disabled feeds in WordPress?
Low risk. Disabling RSS and Atom feeds on the website can help prevent sensitive information from being exposed, but it is not a critical security measure. Enabling feeds can provide benefits such as improved website traffic and search engine visibility.
What are the risks of not checking for a hidden login page in WordPress?
Medium risk. Using a hidden login page can make it more difficult for attackers to find the login page and launch automated attacks, but it may not be a foolproof solution. Attackers can still discover the login page through other means, such as through information disclosed in the website's source code.
In what ways can checking for pingback headers benefit WordPress?
Low risk. Enabling pingback headers on the website can be used to launch DDoS attacks and should be disabled unless it is specifically needed. It is not a critical security measure, but it can help prevent the website from being targeted by attackers attempting to exploit this feature.
How can checking for file editing benefit the security of WordPress?
High risk. Disabling file editing in the WordPress dashboard is an important security measure to prevent attackers from modifying files on the server through vulnerabilities in plugins or other web applications. Allowing file editing can enable attackers to upload and execute malicious code on the server.
How can checking for error reporting in wp-config improve the security of WordPress?
Medium risk. Verifying whether error reporting is disabled in the website's wp-config.php file is crucial for safeguarding sensitive information from being exposed through error messages. However, it may also pose a challenge in identifying and resolving errors on the website.
How can checking for PHP execution improve the security of WordPress?
High risk. Confirming whether PHP code can be executed in the website's upload directories is essential for detecting and preventing attackers from uploading and running malicious code on the server.
How can checking for the themes version benefit WordPress?
Medium risk. Inspecting whether the installed themes on the website are running outdated versions is important, as these themes may contain unpatched vulnerabilities that leave websites open to attacks. However, this may not pose a significant risk if the website is not using outdated themes.
How can checking for plugin integrity improve the security of WordPress?
High risk. Ensuring the integrity of the installed plugins on the website by verifying their file checksums is a crucial step in preventing attackers from compromising the website through malicious plugins.
Why do I need to audit the security of my WordPress website?
WordPress has many security settings that are not enabled by default. You may not be aware of many of them. The tool runs a check to show you the status of your settings and software versions.
Does the security audit plugin work with Nginx or Apache?
Yes the plugin works with both Nginx and Apache.
Was the plugin built with security expertise?
Yes we have extensive experience in Cloud security at the Enterprise level. An advantage of the plugin is you do not need to be the security expert yourself.
In what ways can checking for content type options benefit WordPress?
Medium risk. Interpreting content as a different MIME type than what is specified can lead to vulnerabilities such as cross-site scripting. Implementing X-Content-Type-Options header is important to prevent such attacks.
How does checking for XSS protection make WordPress plugins more secure?
Medium risk. Cross-site scripting attacks can inject malicious code into a website and compromise user data. Implementing X-XSS-Protection header can protect against such attacks.
What risks are associated with not checking the MySQL version in WordPress?
High risk. Using an outdated version of MySQL can also lead to security vulnerabilities and potential attacks.
What are the consequences of not checking the versions of installed plugins in WordPress?
High risk. Running outdated plugin versions can lead to security vulnerabilities and potential attacks.
What risks are associated with not checking for secure cookies in WordPress?
Medium risk. Using secure cookies is important to prevent attackers from stealing or manipulating user session data through cookie theft or injection.
How does checking the automatic updater benefit WordPress?
High risk. Configuring the website's WordPress installation to automatically update to the latest version can ensure that security patches are applied in a timely manner, reducing the risk of vulnerabilities being exploited.
Why is it important to check for the Application Passwords plugin in WordPress?
Medium risk. Using the Application Passwords plugin is important for protecting user data and preventing unauthorized access to the website's resources.
How does login captcha checking improve the security of WordPress?
Medium risk. Using CAPTCHA on the website's login page can help prevent brute force attacks by requiring users to prove that they are human.
What are the risks of not checking the default admin username in WordPress?
Medium risk. Using the default WordPress "admin" username is a common target for attackers as it is a well-known default username that is often left unchanged. Changing it to something more unique is an important security measure.
What risks are associated with not checking the table prefix in WordPress?
Medium risk. Using a custom database table prefix can help prevent SQL injection attacks by making it more difficult for attackers to predict the names of the database tables.
Why is it important to check for PHP file editing in WordPress?
High risk. Preventing attackers from modifying critical PHP files on the server through vulnerabilities in plugins or other web applications is crucial for the website's security. Allowing PHP file editing can enable attackers to upload and execute malicious code on the server.
How can checking for comment captcha enhance the security of WordPress?
Medium risk. Using a CAPTCHA on the website's comment form can help prevent automated spam comments, but it may not be a foolproof solution. Automated tools can bypass CAPTCHAs, and it can also inconvenience legitimate users who need to prove that they are human.
How can checking for right-click disabled improve the security of WordPress?
Low risk. Disabling right-clicking on the website can be used to prevent users from copying or saving images and other content, but it is not a reliable security measure. Knowledgeable users can easily bypass this restriction using keyboard shortcuts or other methods.
How can Fail2Ban benefit WordPress?
High risk. Installing and configuring the Fail2Ban service on the website's server can help prevent brute force attacks by automatically blocking IP addresses that have repeatedly failed login attempts. Without this service, the website is at risk of being targeted by attackers attempting to guess user passwords.
How can checking for enabled pingbacks improve the security of WordPress?
Low risk. Enabling pingbacks on the website can provide benefits such as improved website traffic and search engine visibility, but it can also be used to launch DDoS attacks. It is not a critical security measure, but it may be disabled if not specifically needed.
What are the consequences of not checking the file editor in WordPress?
High risk. Disabling the file editor in the WordPress dashboard is an important security measure to prevent attackers from modifying critical PHP files on the server through vulnerabilities in plugins or other web applications. Allowing file editing can enable attackers to upload and execute malicious code on the server.
What are the risks of not checking error reporting in WordPress?
Low risk. Disabling error reporting on the website can help prevent sensitive information from being exposed through error messages. However, it can also make it more difficult to troubleshoot and fix errors on the website.
What are the benefits of disabling trackbacks in WordPress?
Low risk. Ensuring that trackbacks are disabled on the website is important in preventing spam and other malicious activities associated with this feature, but it may not have a significant impact on the overall security of the website.
What are the risks of not checking for TimThumb in WordPress?
Medium risk. Checking whether the TimThumb script is being used on the website is important, as it is known to have security vulnerabilities that can be exploited by attackers. However, this may not pose a significant risk if the website is not using this script.
What are the risks of not checking for theme updates in WordPress?
Medium risk. Checking whether there are any available updates for the installed themes on the website is crucial for maintaining website security and keeping up-to-date with the latest features and improvements. However, this may not pose a significant risk if the website is already up-to-date.
Have more questions? Ask your question here
Security Audit is used in many different ways
You can use Security Audit in different industries, professions, and organizations. It is a useful tool to meet your goals.
As an entrepreneur, you're always on the go and don't have much time to spare. However, you still care about your customers and your reputation. Keep your website secure with ease by auditing the security settings.
Your online reputation is impacted by your website. Keep your website secure with ideal settings and keeping it updated.
You set the tone for professionalism. You care what the customers see and your reputation. Keep your website secure by auditing the security settings.
You care about the safety of your website and messaging. Keep the website secure by auditing important security settings and components.
Your product's reputation is impacted by your website. Keep your system secure by setting ideal settings and keeping the system updated.
Your online reputation is impacted by your website. Keep your website secure with ideal settings and keeping it updated.
You have very little time but you also care what the customers see and your reputation. Keep your website secure by auditing the security settings.
You have very little time but you also care what the customers see and your reputation. Keep your website secure by auditing the security settings.
Keep your website secure by auditing the security settings. Different package levels handle additional items for you.
Keep your website secure by quickly auditing your security settings. We offer easy-to-use security features built with Cloud security experience and expertise to save you time and keep your website safe.
As a small business owner, you understand the importance of protecting your customers' data and your business's reputation. Keep your website secure by auditing your security settings with our easy-to-use tool.
Many Uses for Different Situations
Click to read how Prelaunch is used by others.
| Customer | Details | Actions |
|---|---|---|
Entrepreneur |
Make security simple with our WordPress firewall and audit tool |
Learn more |
Blogger |
Secure your website traffic |
Learn more |
CEO Chief Executive Officer |
Security is important |
Learn more |
CMO Chief Marketing Officer |
Website security affects reputation |
Learn more |
Product Manager |
Website security affects the product |
Learn more |
Social Media Influencer |
Stay safe and stay online |
Learn more |
Website Owner |
Secure the website you own |
Learn more |
WordPress Developer |
Secure the website you built |
Learn more |
CTO Chief Technology Officer |
Security must be audited |
Learn more |
Entrepreneur |
Security is needed fast |
Learn more |
Small Business Owner |
Security is crucial for my business |
Learn more |
EU Cookie Consent