Discussion on Super Security - All in One WordPress Security


WhoWP supports this item


This author's response time can be up to 1 business day.

19 comments found.

Will this require to add any logins or api’s ?

Also can you add ip blocking and country blocking?

How about visitors stats, page loads, ban..etc.


Hi there suceava20

No, this plugin doesn’t require any logins or external api.

No, this plugin doesn’t allow you to block users.

Yes, you do have a live traffic page (powered by Easy Stats PRO plugin) where you can see visitors statistics. Also, you can influence your pages load speed thanks to Google Safe Browsing settings inside the plugin.

Hope you find this answer useful. Cheers!

So will you add ip and country blocking? Thanks

Well, we will continue to develop this plugin based on buyers feedback (on demand).

So, if you want, we can add blocking options based on: IP, IP Range, host name and referrer url.

The above mentioned banning options will be added to this plugin within four days. Cheers!

Installed plugin and reviewed the options. I made no changes or adjustments. Logged out of the system and later tried to log back in and it locked me out, saying invalid login path. Thank god I was able to access the site via a remote access and deactivated the plugin and all went back to normal. Why if I didn’t change anything did it lock me out even though I never made any changes and NO in the settings was the change url activated.

Hi bigjake36.

The first time you activated the plugin you should have configured the settings because upon activation wp-admin folder is automatically hidden and your login path is changed to yoursite.com/login/

as you can see on this screenshot: https://0.s3.envato.com/files/167313362/2.png

This is done to protect you from SQL Injections, read this article: http://www.flippercode.com/how-to-hack-wordpress-site-using-sql-injection/

Sorry for that, we should mentioned it in the docs, will do so!

Just go to your Super Security > Change Admin URL and uncheck the field and also put wp-admin in the text field bellow. Then click on update.

If you think that this answer was helpful, please consider rating this item with 5 stars. It’d mean a lot! :)

Thank you in advance. Cheers!

Can i use it without WordPress, i need it for virus scanner

Hi mealhalabi, Currently we don’t have a standalone version of Super Security.

However, you can scan any files you wan’t, just add them to wp-themes folder.

Hope this answers your question. Cheers mate!

Greetings, I would like to know if this plugin can do a few things.

1. Does this plugin clean up any malware already on your website?

2. My website keeps getting this message “Infection type: JS:Injection-A [Trj]” and I usually have to reupload the plugin and remove the malware myself. Not sure what is causing this but it keeps happening. Does this plugin help a situation like this?

3. Does the plugin keep the site protected from hacks? I looked into buying a service to help me with the problem but I would rather spend my money on this plugin since its a cheaper way of possibly fixing the problem.

Hi there, Sorry for such a late answer, but better ever than never. now to answer your questions:

1. Yes, Super Security plugin comes with one of the most powerful malware scanner (approved by sucuri security) which has a cron job based option to auto scan you wp site for malware once a week.

2. If you activate Super Security he might solve that, otherwise:

Try working your way through these resources:

https://codex.wordpress.org/FAQ_My_site_was_hacked https://wordpress.org/support/topic/268083#post-1065779 http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/ http://ottopress.com/2009/hacked-wordpress-backdoors/

Additional Resources:

http://sitecheck.sucuri.net/scanner/ http://www.unmaskparasites.com/ http://blog.sucuri.net/2012/03/wordpress-understanding-its-true-vulnerability.html

3. Well that is the main purpose of Super Security, to protect your websites from hack attempts and unwanted malware at affordable price.

Hope these answers were helpful to you, if you need any more assistance, we`re here to help. Cheers!


I,v already bought the plugin but I have an error when install:

Unpacking the package… Installing the plugin… The package could not be installed. No valid plugins were found. Plugin install failed.

please help

Hi mohad, Please come to our website http://whowp.com and in the bottom right corner click on the chat. We’re online! :)

I have 2 questions:

1) Can this plug-in hide wordpress installation on front end (hide wordpress version, plug-in, “wordpress” word ecc.)?

2) Can this plug-in doing automatic backups of file and database, and store them in dropbox or google drive for more security? If not, is this function in your update program?

Hi protesilao, I’ll answer your questions in the same order:

1) Yes, among some advanced options for hiding the fact that your site uses WordPress is even the option to rename the wp-login.php, hide WordPress version parameters from url’s, and many more..

2) When it comes to Backups, we keep the database and files backups separate:

for files backup please see this screenshot: https://0.s3.envato.com/files/167313362/4.png As you can see, the files backup is done by a simple click and takes no more than 2-8 sec to backup your files.

for database backup: https://0.s3.envato.com/files/167313362/5.png

We weren’t so focused on backups, but on the security performance while crafting this plugin, so we didn’t add the automatic backups option.

But yeah, this is certainly a great idea and will be a great addition to such a fine plugin, we’ll add it to the to-do list for the next update.

Cheers! :)

Great, automatic cloud storage backup, is the most security option to sleep fine with wordpress websites !!!

Why is login screen different, i renamed only wp-admin. Must i add some css?

Hi webdesignkampioen, Can you please send us a screenshot or link to the mentioned page on our email hello@whowp.com so that we can check it out by our self?

We’ll get back to you soon. Cheers!

Hi, how are you

I’m also interested in your plugin the plugin is it in French why not add an ’.htaccess’ file and ’.htpasswd’ for more security? in the admin folder your plugin? can we rename directories and subdirectories: wp-content, wp-includes, wp-admin etc …....

Reduce the size of HTML resources, CSS and JavaScript you-have a plugin recommend

thank you

Pre sales questions for plugin x 2. Can I confirm that your plugin allows you to replace mysite.com/wp-admin with mysite.com/dashboard with the latest version of Wordpress?


ndyw Purchased

in your comment reply (above) you said, it can hide the website using wordpress, but if we press F12 it still showing it all oh ya, i want to ask as well : 1. my site several time got injected SQL and also several time it change my user into their user. can it fix it? 2. my site already got xploit. can it recovery it from any file that their put it to my directory? 3. is it have a firewall feature? Thanks


ndyw Purchased

Thanks for your respond, i used that already ^^ btw, the form login display change now in my opinion its too plain, would you consider to add custom login page, so we can add picture/logo and make it look nice(perhaps) and i think if you add more security in login page, it would be perfect such as capcha or authorization code or anything, that if the person who input the wrong code will redirect to custom url but, its just my opinion because, in my case i got attack more than 1000 IP address that tried to brute force into my login page/day. and its very frustrating Thanks


ndyw Purchased

and if i saw in Super Security – Live Traffic Activity, the IP that tried to bruteforce, it only visit wp-login.php(i didnt check the redirect) but it still can inject user and password


ndyw Purchased

hi, i got update notification and already download the newest file. how to update it to my website? do i have to remove the old one and reinstall it again?

I need an explanation on these: 1 – if I change admin url and check the box it says it will be visible! So should I leave the box unchecked?

2 – there are two types of file permissions 0644 and 0444 – what mean those and which files should be assigned which permissions?

3) which settings do would you consider more important to change?


In main screen could it has a fix option? security
image sharing sites

When I see it I often don’t know how to fix

I am on the hunt for virus /malware removal WordPress plugin. What sort of malware it can remove it? and how is your plugin better than others in the market?

same question with above ^

Hello, your last update goes back to last year, is what you are planning a few things. WP latest version not compatible ..

We will fix it as soon as possible and then let you know. Hope these answers were helpful to you.

It’s possible to schedule database and file backup? It’s possible to backup on dropbox or other cloud services?

can this plugin used for 3 website?

Presales ques.: HI, Are you have demo?


Question before purchase

1) If I understand correctly, in the plugin you have integrated a function to make full backups of the site with the database? So no need to install the third-party backup plugin?

2) Compatible with wordpress 4.8.1 and compatible with all templates and plugins.

3) Your plugin once activated, it will not slow down our site? There is a lot of plugin on the site here damages seriously and once activated it must slow down the site. That is why I ask you.

4) Can you change both URLs here “wp-admin” and “wp-login.php” and rename them to “admin” and “login” and redirect the old URL to a 404 error. Need the function.

5) Is it possible to change the names of the files: example “Wp-content”, “wp-includes”, “themes”, “uploads” By “Content”, “in”, “template”, “up”

6) Can we change the names of the files themes.

Thank you