Save 15% with code 
Getting Started
Install ArmorPro, activate your license, and configure core security features.
Last updated Feb 21, 2026
Installation
ArmorPro is installed like any WordPress plugin. You will need the ZIP file from your purchase confirmation email.
- Purchase ArmorPro from srworks.co
- Download the plugin ZIP file from your confirmation email
- In your WordPress dashboard, go to Plugins → Add New → Upload Plugin
- Select the ZIP file and click Install Now
- Click Activate Plugin
After activation, you will find the ArmorPro menu in your WordPress admin sidebar. The plugin begins protecting your site immediately with sensible defaults.
License activation
A valid license key is required for ArmorPro to function. Your license key is included in your purchase confirmation email and is also available in your Polar account.
- Navigate to ArmorPro → License tab
- Paste your license key into the License Key field
- Click Activate
- You should see a green confirmation indicating your license is active
Tip
Your license key is tied to the number of sites allowed by your plan: Personal (1 site), Business (5 sites), or Agency (up to 100 sites). You can manage active sites from your account dashboard.
Admin tabs overview
ArmorPro organizes its features across seven tabs in the WordPress admin. Here is what each one does:
| Tab | Purpose |
|---|---|
| Dashboard | Overview stats (total blocks, lockouts, blocked logins, country blocks), 7/14/30/90-day activity chart, feature status grid, and health checks |
| Brute Force | Login attempt monitoring, lockout settings, bot protection, auto-blacklist for repeat offenders, XML-RPC/REST API controls, and login activity log |
| Firewall | Pattern manager with 600+ built-in patterns, custom patterns, per-pattern toggles, hit tracking, firewall log, and Enhanced WAF controls |
| Access Control | IP whitelist, permanent blacklist with optional expiry, and country-based blocking with GeoIP lookup |
| Settings | Login security (two-factor authentication, passkeys, custom login URL), security headers, obfuscation and hardening, and email notifications |
| Tools | Health checks, database repair, settings export/import, cleanup utilities, factory reset, and demo data |
| License | License activation, deactivation, and revalidation |
Dashboard overview
The Dashboard tab is your security command center. At the top, you will see summary cards showing total blocks, lockouts, blocked logins, and country blocks. These stats update in real time as ArmorPro works.
Below the stats, an activity chart visualizes security events over your chosen time range: 7, 14, 30, or 90 days. The feature status grid shows which protections are currently active, making it easy to spot anything that needs attention.
Health checks at the bottom of the dashboard verify that ArmorPro's database tables, settings, and file permissions are all in order.
Quick start checklist
Follow these steps in order to secure your site right away:
- Activate your license in the ArmorPro → License tab
- Whitelist your IP in ArmorPro → Access Control to avoid locking yourself out
- Review brute force defaults in the Brute Force tab (3 failed attempts, 15-minute lockout)
- Check the firewall is enabled in the Firewall tab
- Enable security headers in ArmorPro → Settings for additional hardening
- Verify on the Dashboard that all features show active status
Important
Always whitelist your own IP address before tightening security settings. This ensures you will not accidentally lock yourself out of your own site.
Emergency disable
If you are locked out and cannot access the WordPress admin, you can temporarily disable all ArmorPro protections by adding the following line to your wp-config.php file:
define('ARMOR_DISABLE', true);This bypasses all firewall rules, brute force protection, and access controls so you can log in and adjust your settings. Remove this line once you have regained access and corrected the issue.
Next steps
With the basics in place, explore these features to maximize your site security:
- Brute Force Protection — Configure login attempt limits, lockout durations, and bot protection
- Firewall & Patterns — Manage the 600+ built-in firewall patterns and add custom rules
- Enhanced Firewall (WAF) — Install the PHP-level firewall for maximum protection
- Access Control — Set up IP whitelists, blacklists, and country blocking
- Two-Factor Authentication — Add a second verification step to admin logins
- Passkey Authentication — Enable passwordless login with biometrics or security keys