ArmorPro

Install ArmorPro, activate your license, and configure core security features.

Login attempt limits, lockout durations, bot protection, auto-blacklist, and XML-RPC/REST API hardening.

String-matching firewall with 600+ patterns, input normalization pipeline, and 5 scan categories. Per-pattern toggles, custom patterns, hit tracking, and response codes.

PHP-level firewall that runs before WordPress loads. Auto-detects server type, syncs patterns, and blocks requests in ~1ms.

IP whitelist, permanent blacklist with expiry, and country-based access control with GeoIP.

TOTP-based 2FA with any authenticator app. Per-role enforcement, backup codes, and compliance tracking.

Passwordless login with Face ID, Touch ID, Windows Hello, or hardware security keys via WebAuthn/FIDO2.

Hide wp-login.php behind a custom URL slug. Original login returns 404.

HTTP security headers including X-Content-Type, X-Frame-Options, HSTS, Content Security Policy, and Permissions Policy.

Author slug obfuscation, email address encoding, and user enumeration prevention.

Real-time security alerts and daily/weekly digest emails for login blocks, firewall matches, and admin logins.

Global settings reference, health checks, database repair, settings export/import, and factory reset.

Locked out, firewall false positives, 2FA issues, custom login problems, and getting help.