What if one day you wake up in the morning and find out that your website has been hacked? You try to restore the website and find that your entire database has also been deleted. This will be a hair-raising moment for you. As a fellow WordPress site owner, I can understand your frustration. There’s nothing more frustrating than having your digital space compromised.
But there is a guard there keeping a watchful eye—Solid Security. This ultimate security tool is your best defense against threats trying to invade your WordPress site.
In this Solid Security review, I will tell you how it can help you secure your website. Whether you are a newbie or a seasoned professional, you can use it seamlessly without requiring any technical knowledge. Join me and learn what Solid Security can do for you.
Table of Contents
What is Solid Security?
Solid Security is a comprehensive WordPress security plugin designed to protect your WordPress websites from cyber threats and other attacks. It is a product of Solid WP that provides a whole suite to secure, backup, and manage your WordPress websites. Solid WP is a brand of Stellar WP.
Here are some main reasons to use it for your WordPress website:
- User-friendly interface for both technical and non-technical users.
- A centralized dashboard to manage your site’s security from one place
- This protects your website from the constant risk of cyber attacks.
- Features include Two Factor Authentication, Ban Users, Brute Force Attack Prevention, etc.
- WordPress core files and plugin scanning and protection.
- Regular database backups.
- Extra login security against unwanted guests.
This is a must-have plugin for security-conscious website owners like you who want to lock down their WordPress sites.
Solid Security Features Explained
Now I will tell you about its features in more detail so that you can know what else this plugin can do for you. So let’s get started:
1. Realtime & Customizable Dashboard
Solid Security gives you a real-time security dashboard that you can customize according to your requirements and utility.
This dashboard is completely real-time which means you get up-to-the-minute information about potential threats, security issues, and information about your website. You do not need to visit each page one by one to see the updates. You can simply click on any widget in your dashboard to view the details report.
Along with this, this dashboard is completely customizable, which means you can add widgets as per your choice and can also remove unwanted widgets.
In the above image, I have shown how you can add new cards and remove any unwanted ones. You can also change the position and size of widgets.
2. Regular Security & Malware Scanning
Solid Security lets you schedule regular site scanning. This way it automatically keeps protecting your website and fixes or notifies you if any issues are detected. You can turn on this setting by going to Settings > Features > Site Check and turning on the toggle button for scan scheduling.
You can also scan your site manually if needed.
Here you can scan your site and find if there is any issue on your WordPress website. It scans for inactive users, old WP installs, plugins, themes, etc, and gives you a detailed report.
Here you will see the scan results like the above image and take appropriate action to secure your site.
3. Secure Login Features
Another cool feature that I like the most is its Extra login security. Solid Security offers advanced login features that are an absolute game-changer. Once you see these capabilities in action, you’ll be hooked.
Here are the features it offers to enhance login security:
- Two-factor authentication: Every time a user logs in, their identity will be verified using a two-factor authentication (TFA) system. You can set up TFA using an authenticator app, email, or backup authentication code.
- Passwordless login: When you enable this option, a login link will be sent to your email. You can then log in using that link without entering a password.
Along with these options, you can also set up privilege escalation for temporary expanded access, trusted devices to restrict unknown logins, and passkeys for passwordless biometric logins to enhance your login security.
4. Brute Force Protection
Local Brute Force shields your site from credential-stuffing attacks. It locks out IP addresses and user accounts after a defined number of failed login attempts to prevent unlimited password guessing.
By temporarily restricting access after repeated unauthorized tries, this feature secures your logins from brute force attacks while ensuring real users aren’t locked out from mistakes. Local Brute Force is an essential safeguard that will bolster your login security.
5. Builtin Captcha Verification
It’s very important to keep your site safe from bots – you don’t want spam dominating your comments or fake accounts gaining access to your login.
This plugin equips you with flexible captcha options to fully customize and strengthen bot detection.
You can enable this during login or comment to require random testing to prove visitors are real humans.
It provides flexible implementation to fit your site’s specific needs. There are different types like reCAPTCHA v2, v3, and invisible reCAPTCHA with varying levels of visual and background verification. The CAPTCHA can be enabled for key protection actions like logins, new user registration, password resets, comments, and more as needed.
6. Advanced User Account Security
Solid Security gives you advanced user security settings to secure your site. It lets you customize security policies for different user groups.
Create user groups and assign users based on their roles. Then configure security settings specific to each group.
Key settings include:
- Manage access to Solid Security functions
- Control who views security dashboards
- Enforce strong passwords and prevent compromised ones
- Mandate password changes periodically
- Allow certain groups to skip the 2FA setup
- Generate application passwords
- Require 2FA for critical accounts
- Monitor user activity logs
Additionally, security can be customized for individual user accounts like Admin and Manager via the User Security menu in the plugin.
With options to manage both group and user-specific access and restrictions, comprehensive security tailored to each user’s needs is achievable.
7. Firewall Protection
Solid Security provides firewall settings to protect your site from vulnerabilities. This setting allows you to set restrictions on user agents, IP addresses, maximum violations per IP address, maximum login attempts, captcha, etc.
You can create your own custom firewall rules, ban IPs, authorize IPs, limit login attempts, manage site lockouts, ban users, set up brute force protection, etc.
By installing these advanced firewall functionalities, you can tailor solid security protection to the needs of your specific website, ensuring comprehensive control over website access and security.
8. Additional Security Features:
Solid Security packs an extensive set of security capabilities. In addition to the core features covered above, here are some other enhancements that further strengthen protection:
1. Patchstack Integration: Solid Security integrates with Patchstack to automate vulnerability patching and plugin updates. Instead of manually checking for updates to plugins, themes, and WordPress, Patchstack does this work for you. It scans known vulnerabilities or outdated software and applies one-click solutions to harden your site.
2. Database Backup & Site Security: In this plugin, you can also schedule automatic database backups. This ensures that you have the latest copy of your database in case of any security incidents like malware attacks or accidental data loss. It also offers SSL implemented to provide additional security to keep your site away from vulnerabilities.
3. Temporary Site Access Features: This feature is designed where you need to grant temporary access to specific users like developers or designers, but you don’t want to grant them full user accounts. Solid Security allows you to provide a temporary site for a specific period of time.
4. Trusted Device and Safe Browsing: Solid Security helps you maintain a safe browsing environment by offering features like trusted devices and safe browsing integration. You can mark specific devices as “trusted,” allowing them to reduce login friction. Unrecognized devices require further verification, thwarting account takeovers. Integrated safe browsing blocks known malicious IPs, providing another layer of protection against attacks.
5. File Comparison and Change Detection: Solid Security’s file comparison detects unauthorized changes to your core website files and plugins through automatic daily checks. Any modifications trigger instant alerts, enabling quick identification and response to suspicious activity or potential hacks before site stability is impacted.
6. Security and Version Management: Solid Security centralizes security settings in its plugin and protects against outdated software. The version management tools let you automatically update chosen plugins, themes, and old WordPress sites. This ensures your site runs the latest secure software.
9. Lightweight and Fast
Solid Security prioritizes both strong security and website performance. This is unlike other security plugins that often burden websites with resource-intensive processes. Solid Security is intentionally designed to be lightweight and fast. This ensures minimal impact on your website’s loading speed, maintains efficiency, and provides a seamless user experience.
10. Custom Notifications
Its notification system allows administrators to set up automated email alerts to stay informed about important security events and issues. Users can create recipient groups based on roles (e.g. administrators, managers) and also add or remove individual users from the group who will receive notifications.
You can select a preferred ‘from’ email address, schedule daily or weekly notifications and customize the specific topics to cover, such as security digests, site lockouts, database backups, scan results, two-factor authentication reminders, user security updates, and more.
The notifications provide summaries and details about issues that require attention. Additionally, the timing and recipients can be configured to ensure the right team members are notified about relevant security events.
Solid Security Pro: Pricing
Whether you’re a solo site owner or an agency managing multiple sites, Solid Security offers pricing that scales with you. For individual site owners, you can purchase a single license just for your site. As your needs grow, they make it easy to add more licenses.
Along with this, you can also purchase the Solid Suite bundle which includes Solid Security Pro, Solid Backups, and Solid Central. I have given a pricing table for it here below:
For web development agencies and companies managing many websites, Solid Security provides options to buy licenses in bulk. You can purchase the exact number of licenses matching your current workload. As you take on more client sites, you’re able to seamlessly expand your licenses as needed. Solid Security’s flexible pricing model enables businesses of all sizes to only pay for what they use.
Support
They provide support within 2-4 business hours from Monday to Friday. The best part is, that whenever you submit a ticket through their Submit a Request page, a real person gets back to you ASAP. This way you get personalized support for your problem.
They also have a detailed Help Center where you can find solutions to almost all your common problems. And, if you have any personalized issues, you can contact them using their support page.
Alternatives
This plugin has many alternatives but the best one is WordFence. I prefer Solid Security over WordFence because it offers more features and is much easier to use. Even if you are a non-techie you can use it very comfortably. When choosing between options, consider factors like specific needs, budget, and user-friendliness.
FAQ
-
Is Solid Security free?
Solid Security offers both a free and a pro version. The free version provides basic security features, while the pro version offers additional features and functionality.
-
Do they offer a money-back guarantee?
Yes, They offer a 30-day money-back guarantee.
-
Will Solid Security slow down my website?
No, Solid Security is optimized to run efficiently and have minimal impact on your website’s performance.
Should you go with it or not?
I have been actively working on WordPress websites and building them for others for the last 6 years and I have seen several threats that can harm a WordPress website. I have thoroughly analyzed and used every aspect and security feature of this plugin. Based on my experience, this plugin will make your WordPress website very secure. So, if you want peace of mind and want to focus on other important tasks instead of always thinking about the security of your website, then you should give Solid Security a try.
Wrapping Up
Running a WordPress site comes with the responsibility of security. Solid Security provides robust protection so you can focus on your content and audience. It’s more than just a plugin – it’s an advanced defense system safeguarding your site 24/7. The user-friendly dashboard makes monitoring and customizing security simple.
Don’t wait for disaster to take action. Be proactive in protecting your site, brand, and audience from harm. Solid Security provides the tools and knowledge for a safe environment. Security may not be exciting, but it’s essential. Invest in some peace of mind today with Solid Security.