Defender Security – Malware Scanner, Login Security & Firewall


Defender adds the best in WordPress plugin security to your website with just a few clicks, including malware scanner, firewall, and login security features. Stop brute force login attacks, SQL injections, cross-site scripting (XSS), and other WordPress vulnerabilities and hacks with Defender’s malware scanner, providing antivirus scans, IP blocking, firewall, activity log, security log, and two-factor authentication (2FA) login security.

No longer do you have to go through hideously complex security settings and get a virtual PhD in security. Defender’s malware scanner, firewall, and login security features add all the hardening and security recommendations you need.

Security Recommendations

Defender starts with a list of one-click hardening techniques that will instantly add layers of protection and security to your site.

Block hackers at every level:

  • Malware scanner – scan WordPress core files for modifications and unexpected changes which may be caused by malware. Scan for malware and tighten up the security of your files
  • WordPress Security Firewall – block or allowlist IPs, implement IP blocking, and Geo IP blocking, user agent banning and protect against brute force attacks
  • Two-factor authentication (2FA) – Easily set up better security with 2FA to prevent most login attacks such as brute force. Includes app verification, backup codes, lost device email, WooCommerce 2FA, and Web Authentication
  • Login masking – change the location of WordPress’s default login area to improve login security
  • Login lockout – failed login attempts lockout
  • User Agent Banning – Block bad bots and user agents from accessing your site
  • Security Headers – Add an extra layer of defense and protect against common attacks like XSS, code injection, and more
  • 404 Detection – automated block of bot IPs
  • Configs – Create your ideal Defender security settings and export / import saved configs to any other site
  • Geolocation IP lockout – block users based on location and country (IP blocking)
  • Disable trackbacks and pingbacks – spam prevention
  • Core and server update recommendations – stay on top of your system
  • Antivirus scan – scan for active security threats, viruses, and other malware
  • Disable file editor – if they get in, they won’t get far
  • Hide error reporting – don’t reveal your security issues
  • Update security keys – reset on-demand
  • Prevent information disclosure – why tell them what you have?
  • Prevent PHP execution – because it’s daaaangerous!
  • Resolve security recommendations and issues in bulk
  • Google reCAPTCHA – easy to add, stop fraud and abuse – including BuddyPress and WooCommerce.
  • Pwned Password Check – Protect against compromised passwords.
  • Force Password Reset – Force users with selected roles to reset passwords.

Learn The Ropes With These Hands-On Defender Security Tutorials

WordPress Security Scans

Defender’s free malware scanner checks WordPress security issues such as suspicious code and malware. The Defender security plugin scans to compare your WordPress install with the master copy in the WP directory, reporting any changes and letting you restore the original file with a single click.

Two-Factor Authentication (2FA)

Easily add an extra layer of protection to your WordPress sites with Defender’s range of two-factor authentication (2FA) features, including mobile app verification (Google Authenticator, Microsoft Authenticator, Authy), backup code generation, lost device emails, WooCommerce 2FA, Biometric Authentication (fingerprint/facial recognition), and Hardware Key Authentication (USB security keys). It is an easy and ideal way of preventing brute force attacks and other login security vulnerabilities.

Login Protection

Brute force login attacks are no match for Defender. Limit login attempts to stop users trying to guess passwords. Permanently ban IPs or trigger a timed lockout after a set number of failed login attempts. Use Geo IP blocking to ban users from specific countries or locations.

Firewall and IP Manager

Improve your website security with Defender’s IP manager and firewall. Manually block specific IPs, import a list of banned IPs, and set automated timed and permanent lockouts. Defender makes it easy to block and unblock specific locations quickly thanks to its advanced firewall (WAF) offering Geographical IP blocking.

User Agent Banning

Add user agents to the block or allowlist and stop bad bots from spamming and scraping your site. All major search engines and special network bots are allow-listed out of the box. Easy to set up, Defender’s user agent banning tool does all the security work, with no editing of the .htaccess file required.

Google reCAPTCHA Integration

Add reCAPTCHA to your login / registration pages, lost password forms, and post comments in a couple of steps to up security and help protect from fraud and abuse. Select reCAPTCHA type, language, location, and style to suit. As well as Google, Defender also supports the following reCAPTCHA types:

  • BuddyPress reCAPTCHA
  • WooCommerce reCAPTCHA

Login Screen Masking

Defender makes it easy to move your login screen to a custom URL. Not only does login screen masking improve security, but it also lets you white label your login user experience and improves branding.

Force Password Reset

Password Reset enables you to force all users with selected roles to reset their password at any time. Especially helpful if you suspect a possible data breach on your site.

Security Headers

Security headers protect your site against the most likely types of attacks, such as cross-site scripting (XSS), code injection, and more. You can enable the following headers:

  • X-Frame-Options
  • X-XSS-Protection
  • X-Content-Type-Options
  • Strict Transport
  • Referrer Policy
  • Permissions-Policy
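
Once the headers are enabled, it is worth confirming that responses actually carry them with sensible values. The following is an added example, not Defender's code: it audits a raw response head for the six headers listed above, and the sample response, the value rules and the `MIN_HSTS_AGE` floor are assumptions chosen for illustration.

```python
import re

# The six options listed above, by the header name actually sent on the wire.
REQUIRED = [
    "x-frame-options", "x-xss-protection", "x-content-type-options",
    "strict-transport-security", "referrer-policy", "permissions-policy",
]
MIN_HSTS_AGE = 15552000  # 180 days: an assumed policy floor, not Defender's


def parse_head(raw):
    """Parse a raw HTTP response head into {lowercased name: value}."""
    headers = {}
    for line in raw.strip().splitlines()[1:]:  # skip the status line
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return headers


def audit(raw):
    """Return sorted (header, problem) findings for one response."""
    h = parse_head(raw)
    findings = [(name, "missing") for name in REQUIRED if name not in h]
    if h.get("x-content-type-options", "nosniff").lower() != "nosniff":
        findings.append(("x-content-type-options", "must be nosniff"))
    if h.get("x-frame-options", "deny").lower() not in ("deny", "sameorigin"):
        findings.append(("x-frame-options", "use DENY or SAMEORIGIN"))
    if "strict-transport-security" in h:
        m = re.search(r"max-age=(\d+)", h["strict-transport-security"], re.I)
        if not m or int(m.group(1)) < MIN_HSTS_AGE:
            findings.append(("strict-transport-security", "max-age too short"))
    if h.get("referrer-policy", "").lower() == "unsafe-url":
        findings.append(("referrer-policy", "sends full URL to other origins"))
    return sorted(findings)


# Constructed sample response head, not captured from a real site.
SAMPLE = """HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
X-Frame-Options: ALLOWALL
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=3600
Referrer-Policy: strict-origin-when-cross-origin
"""

if __name__ == "__main__":
    for name, problem in audit(SAMPLE):
        print(f"{name}: {problem}")
```

Current versions of Chrome and Firefox ignore X-XSS-Protection, so a missing value there matters less than the other five.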

404 Limiter

Defender detects when bots are being used to scan your site for vulnerabilities and shuts them down. The 404 limiter lets you stop the scan by detecting when a bot keeps visiting pages that do not exist, which can also save you from a giant strain on your site’s performance.
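
The detection idea behind a 404 limiter can be reproduced offline against access logs to see which clients would be locked out before tuning a threshold. This is an added example, not Defender's implementation: the threshold, window, allowlist, ignored file suffixes and the log lines are all assumptions constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# All four settings are assumptions for illustration, not Defender's defaults.
THRESHOLD = 5                      # 404s tolerated per window
WINDOW_SECONDS = 60
ALLOWLIST = {"203.0.113.10"}       # e.g. an editor's office IP
IGNORED_SUFFIXES = (".ico", ".png", ".map")  # assets browsers request unprompted
LOG_RE = re.compile(r'(\S+) \S+ \S+ \[([^\]]+)\] "\S+ (\S+) [^"]*" (\d{3})')

def detect(lines):
    """Return {ip: lockout time}; lines are combined-log entries in time order."""
    recent = defaultdict(deque)    # ip -> timestamps of 404s inside the window
    locked = {}
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        ip, ts, path, status = m.groups()
        if status != "404" or ip in ALLOWLIST or ip in locked:
            continue
        if path.split("?")[0].lower().endswith(IGNORED_SUFFIXES):
            continue
        when = datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z")
        hits = recent[ip]
        hits.append(when)
        while (when - hits[0]).total_seconds() > WINDOW_SECONDS:
            hits.popleft()         # slide the window forward
        if len(hits) > THRESHOLD:
            locked[ip] = when
    return locked

def make_line(ip, sec, path, status=404):
    """Build one constructed log line, `sec` seconds after 10:00:00."""
    return (f'{ip} - - [26/Feb/2024:10:{sec // 60:02d}:{sec % 60:02d} +0000] '
            f'"GET {path} HTTP/1.1" {status} 0')

# Constructed sample traffic (documentation-range IPs, not real logs).
SAMPLE = (
    [make_line("198.51.100.7", s, f"/missing-{s}") for s in range(6)]    # fast crawler
    + [make_line("203.0.113.10", s, f"/draft-{s}") for s in range(10)]   # allowlisted
    + [make_line("192.0.2.44", 0, "/favicon.ico"), make_line("192.0.2.44", 30, "/typo"),
       make_line("192.0.2.44", 400, "/typo-2"), make_line("192.0.2.44", 401, "/", 200)]
)

if __name__ == "__main__":
    for ip, when in detect(SAMPLE).items():
        print(f"lock out {ip} at {when.isoformat()}")
```

Only the fast crawler is locked out; the allowlisted address and the visitor with two widely spaced typos and a missing favicon are left alone.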

Notifications and Reports

Defender runs surveillance and sends security notifications with information that matters. All activity and notifications are recorded in the activity log to let you see at a glance the website security actions that have been taken by the Defender security plugin.

Reduce Setup Time With Saved Configs

The configs module allows you to save your Defender configurations and reapply them to your other sites in just a few clicks. You can create and save an unlimited number of security configurations.

Pwned Password Check

Protect your site against password leak attacks. Entered passwords are checked against public database breach records. If a password is identified as compromised, the user will be asked to change it.

Global IP Block/Allowlists

This is a game-changer if you manage multiple sites. Create your IP block/allow list once, then apply and automatically sync it to all your other sites with just a single click. You’ll save hours by not having to manually add IPs to each individual site. *Note: a free WPMU DEV account is required to access this feature.

Scheduled Security Scans and Reports (Pro Only)

The same effective and thorough Defender malware scanning, but fully automated! Schedule regular scans for round-the-clock protection, plus, stay informed with scheduled and fully detailed security reports sent straight to your inbox.

Safe Repair And Quarantine Malicious Files (Pro Only)

This powerful feature allows the safe and easy repair of malicious files without any disruption to your live site. With Safe Repair, suspicious files can be quarantined, deleted, or replaced with the latest copies from the official plugin repository in a single click. You can also quarantine modified files so that you have access to the original file if it’s ever needed.

Google Blocklist Monitor (Pro Only)

An easy and automated way to ensure your site is always in Google’s good books. Defender automatically checks Google’s blocklist every 6 hours to ensure your site hasn’t been flagged. If something is wrong you’ll be notified immediately by email.

Audit Logging (Pro Only)

No more manually having to determine what events have triggered unwanted behavior and activities on sites. Defender tracks, reviews, and logs everything so you can resolve issues faster and more accurately for yourself or your clients.

What Do People Say About Defender?

“I found other pro security plugins a bit too fiddly for my taste…I’m delighted with Defender” – KeithADV

“Thank you for bringing back a free and easy to use 2-Factor Authentication after Clef! Defender helps keep me aware of my site’s security.” – awijasa

“Defender’s interface is very intuitive with warnings that are very helpful” – djohns

“Defender Recently blocked over 3000 attacks in one week without any noticeable impact on the website. WPMUDEV knocking it out of the park on this one.” – David Oswald

Secure Websites, More Trust, …


  • Malware scans and one-click website security hardening recommendations.
  • Layered security recommendations let you harden your site with a few clicks.
  • Compare your WordPress install with the directory and restore original files with a click.
  • Use 2-Step Verification (2FA) to protect your accounts with your phone.
  • IP blocklisting, 404 limiter, Geo IP Blocking, and Timed Lockout attack shield.


  1. Upload the wp-defender plugin to your /wp-content/plugins/ directory.
  2. Activate the plugin through the ‘Plugins’ menu in WordPress.
  3. Configure and manage using the defender menu item in the WordPress dashboard.
  4. Done!


Why should I choose Defender over other security plugins?

Defender is built to add all the best hardening and website security recommendations used by the pros without having to become a security expert. This means you get all the most effective and proven protection methods other services provide with fewer settings, one-click hardening and faster setup.

Is Defender the only step I need to take in securing my WordPress site?

Hackers and bot attacks are not the only threat to your site. No matter what security plugin or service you use, always be prepared with a secure backup stored in a safe location away from your live site. Security does not protect from hosting outages, server errors and accidentally lost or damaged data. We recommend Snapshot. Defender with scheduled managed backups is the best way to keep your site safe.

Does Defender protect against harmful bots?

Yes! Defender’s Firewall gives you robust site protection and security by allowing you to block bad bot IPs and use geographical IP blocking.

Can I use Defender with other security plugins?

You can. Just make sure not to enable the same security features (such as malware scanners, firewall, and login security) in the third-party plugin that you also have enabled in Defender, as this might cause conflicts.

Is Defender compatible with WordPress Multisite?

Yes! The plugin is fully compatible with a multisite installation. It can be network enabled and managed from the network admin.

Does Defender offer spam protection?

A high percentage of Trackbacks and Pingbacks are spam. Defender allows you to easily disable both, giving you added security and protection.

Will my site be protected from DDoS attacks?

Yes. Defender’s IP banning, IP lockouts, and 404 detections can identify DDoS attacks and block bad IPs.

I’ve locked myself out of my admin panel, what can I do?

Add the code below to your theme’s functions.php file, which you’ll find in the main directory of an active theme. Replace “YOUR IP HERE” with your IP address. Use a site like whatsmyip to get your IP.

// Always allow this address past Defender's IP lockout.
add_filter( 'ip_lockout_default_whitelist_ip', function ( $ips ) {
  $ip    = 'YOUR IP HERE'; // replace with your public IP address
  $ips[] = $ip;
  return $ips;
} );

Help! I was already hacked. What should I do?

WPMU DEV’s expert support can advise you on how to clean up your site if it’s been hacked. Create a new thread in our support forum, or Defender Pro gives you access to 24/7 live support.

How can I report security issues or bugs?

We take plugin security incredibly seriously; if you have a bug or vulnerability to report, you can do so through the Patchstack Vulnerability Disclosure Program. It’s fast, easy, and you will be notified when the issue is fixed. Report a vulnerability.

I have another question, where’s the best place to get help?

Please open a new thread in Defender’s support forum. Our support team is always happy to help!


February 26, 2024 1 reply
This plugin is the best I've ever used, the free version is the most complete I've ever seen, it cleaned up my website, incredible, all the functions I need are here, I recommend it to everyone, congratulations to the developers.
February 10, 2024 1 reply
Before Defender, we used the All in One Security plugin, but it failed to block the spam. And I don't think it did something to prevent spam. All the time I thought that it secured us from spam until our host deactivated the website email function one day. So I looked for another plugin. And Defender was one of many on the list. I gave it a try. Of course, it has some features that I'd like to improve. But overall it makes it work. We started to receive little to no spam emails and spam registrations at all. I hope the authors will continue to maintain the plugin well and block us from spam. Thank you!
January 31, 2024 1 reply
This is a plugin I know I can rely on to keep my site safe.

Developers and Contributors

“Defender Security – Malware Scanner, Login Security & Firewall” is open source software. The following people have contributed to this plugin.


“Defender Security – Malware Scanner, Login Security & Firewall” has been translated into 14 locales. Thank you to the translators for their contributions.

Translate “Defender Security – Malware Scanner, Login Security & Firewall” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.


4.5.1 ( 2024-02-26 )

  • Enhance: Improve IP detection with auto-detection for Cloudflare and notices for proxy configurations
  • Enhance: Compatibility with WordPress 6.5
  • Enhance: Replace the old Twitter logo with the new logo in emails

4.5.0 ( 2024-01-24 )

  • Enhance: Compatibility with PHP 8.3
  • Enhance: Improve white-labeled emails
  • Enhance: Redesign Quarantine page
  • Fix: Scanning Issues when suspicious files are in the plugins folder and don’t have plugin headers
  • Fix: Remove redundant table creation conditional guard clause
  • Fix: Rules for Defender > 2FA > Woocommerce are not overwritten over time
  • Fix: Scan flagging “All in one security” files as suspicious
  • Fix: Defender Google reCAPTCHA does not work with WooCommerce Gutenberg Checkout block
  • Fix: Masked Login not working after registration

4.4.2 ( 2024-01-22 )

  • Enhance: Recommended IP Detection method with improved accuracy, site security, and harder-to-bypass IP banning

4.4.1 ( 2023-12-19 )

  • Enhance: UI Enhancements

4.4.0 ( 2023-12-11 )

  • Enhance: Adjust the size of the summary box logo
  • Enhance: Update the Twitter name and logo
  • Enhance: Update SUI to the latest version
  • Fix: Update malware signatures
  • Fix: PHP warning after activating Defender Security Headers
  • Fix: Remove Translation Link when the Whitelabel Hide Links option is enabled

4.3.1 ( 2023-12-06 )

  • Enhance: Minor code improvements and fixes

4.3.0 ( 2023-11-27 )

  • Enhance: Whitelist IP addresses
  • Enhance: Display the status of Global IP in config details
  • Enhance: Check for plugin tables created without the default upgrade.php file
  • Enhance: Add URI Parameter to the ‘wd_404_lockout’ hook
  • Fix: Update malware signatures
  • Fix: Failed login with 2FA on Masked Login page
  • Fix: PHP v8.1 warning for Defender Masked Login
  • Fix: PHP v8.1 warning for setcookie()
  • Fix: Issue when applying custom config

Changelog for previous versions.