Save 15% with code SAVE15

PluginsArmorProWordPress SecurityCitedProSEO & AI VisibilityBoostProSpeed & PerformanceServicesPricingAboutAccount

Lean Security
for WordPress

Your wp-login.php called. It wants some privacy.

Stop losing sleep over brute force attacks and suspicious logins. ArmorPro locks down your site in minutes so you can get back to running your business.

Get ArmorPro
ArmorPro Dashboard

Everything Your WordPress Site Needs

We studied what actually protects WordPress sites and built only that. No fluff, no fear mongering, no feature bloat.

Brute Force Protection

Failed login tracking with configurable thresholds. Temporary IP lockouts, activity logs with status badges, and automatic permanent bans for repeat offenders.

Firewall

600+ patterns across 5 categories: request URIs, query strings, user agents, referrers, and IP addresses. Enable, disable, search, or add your own custom patterns. Hit counts for every rule.

Enhanced Firewall (WAF)

Standalone WAF that runs before WordPress loads for ~1ms overhead. Auto-detects your server type and installs itself. Blocks threats at the PHP level before any plugins or themes execute.

Two-Factor Authentication

TOTP-based 2FA with any authenticator app. Backup recovery codes and per-role enforcement so you can require 2FA for administrators while leaving subscribers optional.

Passkey Authentication

Passwordless login with Face ID, Touch ID, Windows Hello, or security keys. WebAuthn/FIDO2 standard for phishing-resistant authentication. Up to 10 passkeys per user.

Access Control

IP whitelist and blacklist with configurable expiry, inline notes, and GeoIP location. Block or allow entire countries with flag-based selection.

Security Headers

X-Content-Type-Options, X-Frame-Options, Referrer-Policy, X-XSS-Protection, HSTS, CSP, and Permissions-Policy. Automatic duplicate header removal.

Login & Privacy

Hide wp-login.php with a custom login URL. Hide author slugs to protect usernames. Email obfuscation to stop scrapers from harvesting addresses.

Activity Dashboard

90-day security charts with visual trends for login blocks and firewall matches. Stats overview with quick enable/disable toggles for every feature at a glance.

Email Notifications

Daily or weekly email digests with alerts for blocked IPs, firewall threats, and admin logins. Configure which alert types to include and who receives them.

Why ArmorPro?

We built ArmorPro to be the WordPress security plugin we always wanted: powerful protection with a clean, minimal interface. No bloat, no unnecessary features, just the essentials done right.

Every feature earns its place. Every screen is designed for clarity. The result is a WordPress plugin that's both effective and enjoyable to use.

Clean, intuitive interface you'll actually enjoy using
Lightweight codebase that won't slow your site
Only the features you need, nothing you don't

Setup Time

0min

ArmorPro

0min

Others

Database Queries

0

ArmorPro

0

Others

Trusted by WordPress professionals

The WordPress security plugin designed with developers and site owners in mind.

"Finally a security plugin that doesn't make my site feel like its running through molasses. Set it up in 5 minutes and haven't thought about it since."
S

Sarah Chen

Freelance Developer

ArmorPro
"The UI is gorgeous. Clean, minimal, everything is exactly where you'd expect it to be. Its rare to find a WordPress plugin that actually feels well designed."
D

David Park

Web Designer

ArmorPro
"I manage 40+ client sites and ArmorPro is on every single one. Lightweight, effective, and I never have to explain a compicated settings page to clients."
R

Rachel Torres

Agency Owner

ArmorPro

Simple, Honest Pricing

All features included in every plan. Pick the tier that fits your needs.

ArmorPro Lite
Free
  • Brute force protection
  • Standard firewall (600+ patterns)
  • Bot protection
  • Basic security headers
  • IP whitelist management
  • Email & author obfuscation
  • XML-RPC & REST API protection
  • Login activity log
  • Security dashboard & charts
Coming Soon
Personal
$29/year
1 site

Everything in Free, plus:

  • Enhanced standalone WAF engine
  • Two-factor & passkey authentication
  • Country blocking & GeoIP data
  • Custom login URL
  • IP blacklist & auto-blacklist
  • Advanced headers (HSTS, CSP, Permissions Policy)
  • Custom firewall patterns
  • Email notifications & weekly digests
  • Extended log retention (90 days)
  • Export/import settings
  • 1 year of updates & support
Get Personal
Best Value
Agency
$129/year
100 sites

Everything in Free, plus:

  • Enhanced standalone WAF engine
  • Two-factor & passkey authentication
  • Country blocking & GeoIP data
  • Custom login URL
  • IP blacklist & auto-blacklist
  • Advanced headers (HSTS, CSP, Permissions Policy)
  • Custom firewall patterns
  • Email notifications & weekly digests
  • Extended log retention (90 days)
  • Export/import settings
  • 1 year of updates & support
Get Agency
Business
$59/year
5 sites

Everything in Free, plus:

  • Enhanced standalone WAF engine
  • Two-factor & passkey authentication
  • Country blocking & GeoIP data
  • Custom login URL
  • IP blacklist & auto-blacklist
  • Advanced headers (HSTS, CSP, Permissions Policy)
  • Custom firewall patterns
  • Email notifications & weekly digests
  • Extended log retention (90 days)
  • Export/import settings
  • 1 year of updates & support
Get Business

Want all three plugins?

Bundle ArmorPro with CitedPro & BoostPro and save over 20%.

View Bundle Pricing →

30-day money-back guarantee. No questions asked.

Frequently Asked Questions

Nope. We obsess over WordPress performance. ArmorPro adds roughly 15ms to page load time and runs just 2 database queries. It's built to be lightweight from the ground up—the way WordPress security plugins should be.
Yes! ArmorPro plays nicely with WP Rocket, W3 Total Cache, LiteSpeed Cache, and pretty much every WordPress caching solution out there. We've tested extensively to make sure there are no conflicts.
ArmorPro includes a string-matching firewall with 600+ patterns across 5 categories and per-pattern management, plus an Enhanced Firewall (WAF) mode that runs before WordPress loads with ~1ms overhead. Also includes brute force protection with IP logging, security headers management (including HSTS, CSP, and Permissions-Policy), REST API protection, activity logs, two-factor authentication (TOTP), passkey authentication (WebAuthn/FIDO2), country blocking, custom login URL, email notifications, auto-blacklisting of repeat offenders, and CSV export. All features are included in every tier.
ArmorPro uses a string-matching firewall with 600+ patterns across 5 categories: SQL injection and malicious query strings, dangerous request URIs (shell files, config access, exploit paths), known malicious user agents (120+ scanners, scrapers, attack tools), spam referrers, and IP address patterns. Each pattern can be individually enabled or disabled through the Pattern Manager with hit counts. You can also add your own custom patterns. The Enhanced Firewall (WAF) mode runs as a standalone PHP engine before WordPress loads via auto_prepend_file, adding only ~1ms of overhead. It also blocks XML-RPC requests and enforces REST API authentication.
ArmorPro includes TOTP-based two-factor authentication for WordPress that works with any authenticator app (Google Authenticator, 1Password, Authy, etc.). Each WordPress user sets up 2FA from their profile with a QR code scan. Backup codes are provided for account recovery. Admins can require 2FA for specific WordPress user roles.
Passkeys are a modern, passwordless authentication method using the WebAuthn/FIDO2 standard. Instead of typing a password, users authenticate with Face ID, Touch ID, Windows Hello, or a hardware security key. Passkeys are phishing-resistant since they're bound to the specific website and can't be reused elsewhere. Each user can register multiple passkeys (up to 10) from their profile page.

Pricing & Licensing

Yes! Free "Lite" versions of all three plugins are coming soon. They're currently working through the WordPress.org submission and review process, which can take a while. Once approved, you'll be able to download them directly from WordPress.org or from our plugin pages. Every paid plan still comes with a 30-day money-back guarantee if you want to get started right away.
A license gives you access to updates and support for the number of WordPress sites included in your tier. Personal covers 1 site, Business covers up to 5 sites, and Agency covers up to 100 sites. All tiers include the exact same features.
Yep! Business covers up to 5 WordPress sites, and Agency covers up to 100 sites. Personal is for a single site. If you need to add more sites later, you can upgrade your tier at any time.
Annual subscriptions let us invest consistently in development, security updates, and support. You get a better, more actively maintained product, and we can keep prices accessible starting at just $29/year. It also means you are never stuck paying for a product that stops getting updates.
Your plugin continues to work, but you won't receive updates or support until you renew. Your settings and data are never lost. All purchases auto-renew for convenience, and you can cancel anytime from your account.
Yes. You can upgrade your license tier at any time from within your account. The cost difference is automatically prorated so you only pay the difference for the remaining time on your subscription.
The bundle includes all three SRWorks plugins: ArmorPro, CitedPro, and BoostPro. You save over 20% compared to buying them individually. Available in Personal ($69/yr), Business ($139/yr), and Agency ($299/yr) tiers.
We use Polar as our merchant of record, powered by Stripe for secure payment processing. You can pay with all major credit cards (Visa, Mastercard, American Express, Discover) or PayPal. All transactions are encrypted and PCI compliant.
Absolutely. You're fully protected by our 30-day money-back guarantee. If you're not happy, we'll refund your purchase—no questions asked. See our refund policy for full details.
Yes! Earn 20% commission for the first 12 months of any referred subscription and 10% on every renewal after that. It's free to join with no approval wait times. Visit our affiliates page to learn more and sign up.

Have more questions? Contact us or visit our full FAQ.