Once the plugin is activated, you will see a new menu item in your WP dashboard called Ultimate Security. Click on it to enter the plugin’s dashboard. This is the first screen; you will see a greeting pop-up.
After heading to the next steps, the “Just an emergency” pop-up will appear. It will provide you with an emergency URL that deactivates the plugin if you encounter any issues.
Here is the first dashboard you will be exploring:
- It provides a real-time data of your website’s security.
- Top right, you will find a refresh button to update all the cards.
Your Security Score
At the top left corner, you will see Your Security Score.
- This score presents how many security features are currently active on your site.
- Next to the score, you will see a security meter.
- Hit ‘Click to view detailed breakdown’ for more security info.
This pop-up shows you exactly how safe your website is.
A. Top Score Display
At the very top, you see three things:
- Score: Your points
- Status: “Poor,” “Fair,” or “Good.”
- Percentage: The amount of safety you have right now.
B. Top Recommendations and More Security Features
- By adjusting these settings, you can improve your score
C. Footer
A close button to go back to the main screen
Issue Counters and Critical Threats
Near the “Security Score,” there are four important signs that help you prioritize your actions:
Issues Found
- It shows recommendations or vulnerabilities that are not currently active threats but pose a risk if left unaddressed.
Critical Threats
- This counts the number of immediate, high-risk dangers currently detected on your site.
Outdated Plugins
- The number shows how many of your installed plugins are currently running on old versions
Failed Logins
- It counts how many times someone tried to log in to your website recently but failed to access it.
Site Health
This section shows your website’s overall health
- WP Health: It depends on PHP version, security scans, and system configuration.
- SSL: This checks if your site has a security certificate.
- Response: This tracks how quickly your site starts loading.
File Integrity
This section acts like a security guard. It monitors WordPress’s core files.
- The purple button will show you exactly which file is different. You can then see if it is a safe change or if you need to delete it to protect your site
“View Results” Button
This screen appears after clicking the View Results button. It scans a detailed report on any files that have been changed, added, or removed from your WordPress installation.
Scan Summary
At the top of the page, you will see a quick summary of the findings based on the scan time.
- Modified: It indicates that if any modified file has been detected
- Missing: It shows that if any files are missing
- Unknown: It indicates if there are any unfamiliar files.
- Total issues: The sum of all issues found.
Important Note
You will see a yellow notification box on this screen.
- Not all modified files are malicious. Sometimes, changes are made by legitimate plugins or themes you installed.
- Check ‘Unknown’ files to ensure they belong to a trusted plugin. If they aren’t recognized, investigate or delete them
File List Details
A list displays the specific files that triggered the alert. Finding any specific files from the search box can save time.
- File Name: Shows the file
- Status: Indicates the type of change.
- Risk: Indicates the threat level.
- Size: Shows the size of the file
Action Buttons
At the bottom of the screen, you have three options:
- Export Report: Download your scan report.
- Rescan: Run rescan to update your results after fixing or deleting files
- Close: Click this to return to the main Dashboard
Bottom Cards
Failed Login Attempts
This counts how many times incorrect credentials were entered in the last 24 hours.
Login Attempts
This section shows recent login activity. It lists both successful and failed attempts. Each record includes the time and IP address used.
Plugin Updates
This section shows any available updates for your plugins.
Critical Threats
This section displays critical security threats found on your website.
Quick Action
This section provides easy access to the most important security features of your WordPress site. These are common security tasks that you can set up quickly with just a few clicks.
Enable 2FA
- Adds an extra layer of security to your login process
- Requires a second verification step when logging in
- Click “Configure” to set up two-factor authentication
Brute Force Protection
- Blocks repeated login attempts from suspicious sources
- Prevents automated password guessing attacks
- Click “Configure” to enable this protection
Limit Login Attempts
- Restricts the number of failed login tries
- Helps prevent brute force attacks on your login page
- Click “Configure” to set your preferred limits
Hide Login URL
- Changes the default WordPress login path (wp-login.php)
- Makes it harder for attackers to find your login page
- Click “Configure” to set a custom login URL
Disable File Editing
- Prevents unauthorized changes to your theme and plugin files
- Adds an extra security layer to your site’s core files
- Click “Configure” to enable this protection
Each action has a “Configure” button that will take you to the specific settings page where you can customize that security feature according to your needs. These quick actions help you strengthen your site’s security without needing to navigate through multiple menus.
Security Recommendations
This section shows important security improvements for your WordPress site. The plugin analyzes your current security setup and recommends actions to make your site more secure.
How to Use
Click the Fix button next to any uncompleted recommendation to set it up. Each fix guides you through the configuration process. As you complete recommendations, the progress bar and completion count will update automatically.
