Defender Security – Malware Scanner, Login Security & Firewall


Defender adds the best in WordPress security plugin to your website with just a few clicks. Stop brute force attacks, SQL injections, cross-site scripting XSS, and other WordPress vulnerabilities and hacks with Defender malware scans, antivirus scans, IP blocking, firewall, activity log, security log, and two-factor authentication login security.

No longer do you have to go through hideously complex settings and get a virtual PhD in security. Defender adds all the hardening and security recommendations you need.

Security Recommendations

Ο Defender ξεκινάει με μια λίστα με τεχνικές προστασίας με ένα κλικ, οι οποίες θα προσθέσουν αμέσως στρώματα προστασίας στον ιστότοπό σας.

Αποκλείστε τους χάκερς σε κάθε επίπεδο:

  • Two-factor authentication – passwords and mobile app verification codes
  • Login masking – change the location of WordPress’s default login area
  • Login lockout – failed login attempts lockout
  • Security Headers – Add an extra layer of defense and protect against common attacks like: XSS, code injection, and more
  • 404 Detection – automated block of bot IPs
  • Configs – Create your ideal Defender security settings and export / import saved configs to any other site
  • Geolocation IP lockout – block users based on location and country (IP blocking)
  • WordPress Security Firewall – block or allowlist IPs
  • Disable trackbacks and pingbacks – spam prevention
  • Core and server update recommendations – stay on top of your system
  • Disable file editor – if they get in, they won’t get far
  • Hide error reporting – don’t reveal your issues
  • Update security keys – reset on-demand
  • Prevent information disclosure – why tell them what you have
  • Prevent PHP execution – because it’s daaaangerous
  • Resolve security recommendations and issues in bulk

Learn The Ropes With These Hands-On Defender Tutorials

WordPress Security Scans

Run free malware scans that check WordPress for suspicious code and malware. The Defender scan tool compares your WordPress install with the master copy in WP directory, reports changes and lets you restore the original file with a click.

Google επαλήθευση σε 2 βήματα – 2FA

Join the millions of users that make their accounts safer with Google 2-Step Verification – along with other third-party integrations like Microsoft Authenticator and Authy. Activate two-factor authentication and protect your account with both your password and your phone.

Firewall and IP Manager

Keep your site safe with Defender’s IP manager and firewall. Manually block specific IPs, import a list of banned IPs and set automated timed and permanent lockouts. Defender makes it easy to block and unblock specific locations quickly thanks to its advanced firewall (WAF).

Προστασία σύνδεσης

Οι βίαιες επιθέσεις δεν συγκρίνονται με το Defender. Περιορίστε τις προσπάθειες σύνδεσης για να σταματήσετε τους χρήστες να προσπαθούν να μαντέψουν τους κωδικούς πρόσβασης. Απαγορεύστε οριστικά τις IP ή να ενεργοποιείστε ένα χρονικό κλείδωμα μετά από έναν καθορισμένο αριθμό αποτυχημένων προσπαθειών σύνδεσης.

Απόκρυψη σελίδας σύνδεσης

Defender makes it easy to move your login screen to a custom URL. Not only does login screen masking improve security, but it also lets you white label your login user experience and improves branding.

Security Headers

Security headers protect your site against the most likely types of attacks, such as: XSS, code injection, cross site scripting, and more. You can enable the following headers:

  • X-Frame-Options
  • X-XSS-Protection
  • X-Content-Type-Options
  • Strict Transport
  • Referrer Policy
  • Feature-Policy

Περιορισμός 404

Defender detects when bots are being used to scan your site for vulnerabilities and shuts them down. The 404 limiter lets you stop the scan by detecting when a bot keeps visiting pages that do not exist, which can also save you from a giant strain on your site’s performance.

Ειδοποιήσεις και αναφορές

Ο Defender εκτελεί επιτήρηση και αποστέλλει ειδοποιήσεις με πληροφορίες που έχουν σημασία.

Reduce Setup Time With Saved Configs

The configs module allows you to save your Defender configurations and reapply them to your other sites in just a few clicks. You can create and save an unlimited number of configurations.

What Do People Say About Defender?

“I found other pro security plugins a bit too fiddly for my taste…I’m delighted with Defender” – KeithADV

“Thank you for bringing back a free and easy to use 2-Factor Authentication after Clef! Defender helps keep me aware of my sites security.” – awijasa

“Defender’s interface is very intuitive with warnings that are very helpful” – djohns

“Defender Recently blocked over 3000 attacks in one week without any noticeable impact on the website. WPMUDEV knocking it out of the park on this one.” – David Oswald

Secure Websites, More Trust, Better Profit

Your visitors expect a super-safe extra secure website when deciding whether or not to make a purchase or submit information. If visitors don’t trust your site, they will leave without completing a transaction.

If you’re running a business website or eCommerce store privacy, security, uptime and trust are essential.

Defender is here to help you: it’s a one of a kind WordPress security plugin that makes web security easy for anyone, for free!

  • Google επαλήθευση σε 2 βήματα – 2FA
  • Ρυθμίσεις προστασίας και ασφάλειας με ένα κλικ
  • Σάρωση και επισκευή πυρήνα WordPress
  • Security headers
  • One-click configs
  • Απόκρυψη σελίδας σύνδεσης
  • IP Blocklist manager and logging
  • Απεριόριστη σάρωση αρχείων
  • Timed Lockout brute force attack shield for login protection
  • 404 περιορισμός για τον αποκλεισμό των σαρώσεων ευπάθειας
  • Ειδοποιήσεις και αναφορές αποκλεισμού IPs

Defender is built to make security simple: it makes your WordPress site harder to hack and it’s insanely easy to set up. Run a scan and implement recommended changes in one-click, for added security in mere minutes.

All the above is free and will secure WordPress for you. If you need extra security for your WordPress site, you should get WPMU DEV Membership.

Our Membership gives you access to Defender Pro – which features automated scanning, scheduled malware scans for Core, themes, plugins and other files, audit logs, Blocklist monitoring – alongside Snapshot Pro cloud backups, the Hub with automated plugin, theme and core updates and safe-upgrade scans, all our premium WordPress plugins, 24/7 WordPress support and if your sites already been hacked our team of security experts will clean it up at no additional cost.

It’s an incredible deal, and you can find out more here.

A Note From Defender

Hey! This is Defender, your trusted solution for WordPress security and hack prevention. I’m part of the WPMU DEV team, a superhero-suite of WordPress plugins, services, and support. Here are some of our other free plugins:

  • Smush – Image Compression and Optimization
  • Forminator – Form, Quiz, Poll and Survey Builder
  • Hummingbird – Page Speed Optimization
  • Hustle – Pop-ups, Slide-ins and Email Opt-ins
  • SmartCrawl – SEO checker, Analyzer and Optimizer

And if you need ALL our Pro plugins AND 24/7 WordPress support, get WPMU DEV membership! You can try it free for 30 days:

My superhero friends run the WPMU DEV Blog, your source for the very best WordPress tutorials. If you need to be in the know about WordPress, check it out.

Thanks for looking at Defender, and I look forward to hardening your site and making it safer than ever.

Enjoy, The Defender

Σχετικά με εμάς

WPMU DEV is a premium supplier of quality WordPress plugins and themes. For premium support with any WordPress related issues you can join us here:

Don’t forget to stay up to date on everything WordPress from the Internet’s number one resource:

Έι, κάτι ακόμα… ελπίζουμε να σας αρέσουν οι δωρεάν προσφορές όσο αγαπάμε να τις φτιάχνουμε για σας!


  • Malware scans and one-click hardening recommendations.
  • Layered security recommendations let your harden your site with a few clicks.
  • Συγκρίνει την εγκατάσταση του WordPress με τον επίσημο κατάλογο και επαναφέρει τα αρχικά αρχεία με ένα κλικ.
  • Χρησιμοποιήστε την επαλήθευση σε 2 βήματα για να προστατεύσετε τους λογαριασμούς σας με το τηλέφωνό σας.
  • IP blocklisting, 404 limiter and Timed Lockout attack shield.


  1. Upload the wp-defender plugin to your /wp-content/plugins/ directory.
  2. Activate the plugin through the ‘Plugins’ menu in WordPress.
  3. Configure and manage using the defender menu item in the WordPress dashboard.
  4. Done!

Συχνές Ερωτήσεις

Γιατί πρέπει να επιλέξω τον Defender σε σχέση με άλλα πρόσθετα ασφαλείας;

Defender is built to add all the best hardening and security recommendations used by the pros without having to become a security expert. This means you get all the most effective and proven protection methods other services provide with fewer settings, on-click hardening and faster setup.

Είναι ο Defender το μόνο βήμα που πρέπει να κάνω για να εξασφαλίσω την ασφάλεια του WordPress ιστότοπού μου;

Hackers and bot attacks are not the only threat to your site. No matter what security plugin or service you use, always be prepared with a secure backup stored in a safe location away from your live site. Security does not protect from hosting outages, server errors and accidentally lost or damaged data. We recommend Snapshot. Defender with scheduled managed backups is the best way to keep your site safe.

Does Defender protect against harmful bots?

Yes! Defender’s Firewall gives you robust site protection by allowing you to block bad bot IPs.

Can I use Defender with other security plugins?

You can. Just make sure not to enable the same features in the third-party plugin, that you also have enabled in Defender, as this might cause conflicts.

Is Defender compatible with WordPress Multisite?

Yes! The plugin is fully compatible with a multisite installation. It can be network enabled and managed from the network admin.

Does Defender offer spam protection?

A high percentage of Trackbacks and Pingbacks are spam. Defender allows you to easily disable both, giving you added protection.

Will my site be protected from DDoS attacks?

Yes. Defender’s IP banning, IP lockouts, and 404 detections can identify DDoS attacks and block bad IPs.

Help! I was already hacked. What should I do?

WPMU DEV’s expert support can advise you on how to clean up your site if it’s been hacked. Create a new thread in our support forum, or start a free 7 day trial of Defender Pro to get access to 24/7 live support.

I have another question, where’s the best place to get help?

Please open a new thread in Defender’s support forum. Our support team is always happy to help!


21 Ιουλίου 2021
Am currently only using Defender for the anti lockout feature to prevent someone trying to guess passwords. So far so good, I guess its one of those cases where you hope not to ever need a reason for it 🙂
28 Ιουλίου 2021
It has many premium features in its free version. Amazing.
Ανάγνωση όλων των 164 κριτικών

Συνεισφέροντες & Προγραμματιστές

“Defender Security – Malware Scanner, Login Security & Firewall” είναι λογισμικό ανοιχτού κώδικα. Οι παρακάτω έχουν συνεισφέρει στη δημιουργία του.


Το “Defender Security – Malware Scanner, Login Security & Firewall” έχει μεταφραστεί σε 14 γλώσσες. Ευχαριστούμε τους μεταφραστές για τις συνεισφορές τους.

Μεταφράστε το “Defender Security – Malware Scanner, Login Security & Firewall” στην γλώσσα σας.

Ενδιαφέρεστε για την ανάπτυξη;

Περιηγηθείτε στον κώδικα, ανατρέξτε στο αποθετήριο SVN ή εγγραφείτε στο αρχείο καταγραφής αλλαγών ανάπτυξης μέσω RSS .

Σύνοψη αλλαγών

2.5.4 ( 2021-06-28 )

  • New: Google reCAPTCHA for WordPress login/register/password reset pages
  • New: Highlight new features in welcome modal
  • Enhance: Compatibility with WordPress 5.8
  • Enhance: Update WP-CLI scan options
  • Enhance: Tools dashboard widget
  • Fix: Locations feature not working on Flywheel hosting
  • Fix: Warnings with PHP version 7.4
  • Fix: Password reset page showing if users from any subsite try to save pwned password
  • Fix: Guest User under Malware Scanning Notification
  • Fix: Various issues with notifications in Defender
  • Fix: Can’t update email when mask login enabled
  • Fix: Minor typo in Dashboard modal
  • Fix: Issue Details section not showing code
  • Fix: Hide notice on Configs page

2.5.3 ( 2021-06-07 )

  • Fix: Check password’s hash before forwarding to Pwned Password API

2.5.2 ( 2021-06-01 )

  • New: Force password reset for all registered users
  • New: Highlight new features in welcome modal
  • New: WP CLI support for Force Bulk Password reset
  • Enhance: Integration with Smush – exclude Smush-optimized images from Malware Scanning reports
  • Enhance: Add Pwned Passwords and Password Reset widgets to Defender Dashboard page
  • Enhance: Change Doc link from advanced-tools to tools
  • Enhance: Fix success notification inconsistencies
  • Enhance: Add License at the footer of Pwned Passwords
  • Enhance: Change ‘Please try again!’ error message for known vulnerabilities
  • Fix: Clean Lockouts option
  • Fix: Blank vulnerability report with some plugins
  • Fix: Masked login are bypassed with double slash
  • Fix: Search details are not showing on IP Banning modal page
  • Fix: Defender translations
  • Fix: Unable to schedule Posts
  • Fix: Issues with Mask Login Area and user creation
  • Fix: Typo in Prevent Information Disclosure and Prevent PHP Execution
  • Fix: 2FA active state notification should change only after saving settings

2.5.1 ( 2021-05-19 )

  • Fix: Fatal error after an update from older versions

2.5.0 ( 2021-05-06 )

  • New: Check passwords against Pwned database
  • New: Highlight new features in welcome modal
  • Enhance: Automatically remove old logs after 30 days
  • Enhance: Malware scanning security enhancements
  • Enhance: Detect suspicious code with ‘WPTemplatesOptions’
  • Enhance: Detect suspicious code in themes
  • Enhance: Some suspicious code threats missed by Defender
  • Enhance: Better descriptions for Malware scanning reports
  • Enhance: Set ‘Scan plugin files’ option unchecked by default
  • Enhance: Remove ‘Scan theme files’ option from File change detection
  • Enhance: Remove ‘Allow From’ option from X-Frame-Options header
  • Enhance: Platform compatibility with Defender
  • Enhance: Rename Advanced Tools to Tools
  • Enhance: Documentation links tracking
  • Fix: Malware scanning stuck on analyzing theme
  • Fix: Translation files not applied
  • Fix: Reset not removing all data
  • Fix: Send data in persistent date format to Hub
  • Fix: Resetting or Uninstalling does not completely remove Defender settings
  • Fix: Check all files from scan Issues and Ignored tabs for bulk actions
  • Fix: Scrolling Up issue in Active lockouts
  • Fix: Update SUI to the latest version
  • Fix: Revert button in Prevent User Enumeration recommendation

2.4.10 ( 2021-04-05 )

  • New: Add WP CLI commands to reset mask login settings
  • Enhance: Update links to
  • Enhance: Prevent PHP Execution/Prevent Information Disclosure (show manual instructions on Apache tab)
  • Enhance: Bulk Unblock/Undo actions on Active Lockouts
  • Enhance: Adjust Malware scanning logic to reduce false-positive reports
  • Enhance: Malware Scanning – Disable delete button for a report, when a third-party plugin is active
  • Enhance: Change count-logic for total value of issues shown on a main widget and Defender’s menu
  • Enhance: Improve the behavior of the Active tag on configs feature
  • Enhance: Custom notification email for ‘When Failed to scan’ is not imported to Config
  • Enhance: Compatibility with WordPress 5.7
  • Enhance: Update minimum supported WordPress version
  • Enhance: New Manage Notifications button on notification widget
  • Enhance: In Notifications and Dashboard pages, replace “-” with text under Schedule
  • Fix: No error when restore core file fails
  • Fix: Cron issues for Audit and Firewall modules
  • Fix: Defender sending 404 Detection notifications when that type is turned off
  • Fix: Remove old deprecated code of recommendations in DB
  • Fix: Duplicate IP addresses on Active Lockouts
  • Fix: Display different frequency for different timezones
  • Fix: 404 Detection timeframe is not imported to Config
  • Fix: Showing banner without content on profile page
  • Fix: Active Lockouts pagination seems broken
  • Fix: Link Defender Settings redirects to Defender Dashboard page on WP plugin page

2.4.9 ( 2021-03-17 )

  • Fix: Stability fixes

2.4.8 ( 2021-03-12 )

  • Fix: Unescaped DB parameters

Changelog for previous versions.