Solid Security – Password, Two Factor Authentication, and Brute Force Protection
Harden your site security with Login Security, Two-Factor Authentication (2FA), Vulnerability Scanner, Firewall, and more. Formerly iThemes Security.
4.6(3,982 reviews)
·700K+ active installs·Updated 4 days agoAs of April 2026, Solid Security is a WordPress malware plugin with 700K+ active installations and a 4.6/5 rating from 3,982 reviews. It has been downloaded 37M+ times in total. Requires WordPress 6.5+ and PHP 7.4+. Available on WordPress.org since 2010. Actively maintained — updated within the last month. Downloads are up 953% this week. Support resolution rate: 41%. Top alternative: Wordfence Security – Firewall, Malware….
4.6/53,982 reviews
700K+active installs
41%resolved
16 yearssince 2010
Overview
Reduce your WordPress website’s risk to nearly zero with Solid Security
Formerly iThemes Security. Looking for iThemes? Learn more here.
On average, 30,000 websites are hacked every day.* Cyberattacks in the US increased by 57% in 2022.** Bad actors who want to hack your site, steal your data, and cripple your business are a 24/7/365 threat.
You need a proactive, strategic approach to WordPress website security that protects your site from brute force attacks, malware infections, and other cyber threats.
Solid Security shields your site from cyberattacks and prevents security vulnerabilities. It automatically locks out bad users identified by our Brute Force Protection Network that is nearly 1 million sites strong and leverages your own blacklist. It secures and protects your most commonl…
Screenshots
Ratings & Reviews
4.63,982 reviews
5 ★
3,417
4 ★
177
3 ★
46
2 ★
62
1 ★
280
Recent Reviews
Crashes Website, No Support For Free Version.
by michaelpd·1 week ago
Woke up to our customer’s website going down. Found out that the htaccess and wp-config files were both blank, completely empty. Everything is up to date (WP, Theme, Plugin, PHP). Restored those two files and deactivated this plugin, everything appears to be working normally.
Solid Security doesn’t have any support unless you’re a paid PRO customer with a login. Terrible customer support.
Solid Security Breaks Vimeo Gallery Portfolio
by noa2noa·1 month ago·3 replies
I’m using the Vimeo Gallery WordPress plugin to display my Vimeo portfolio on my website. After installing Solid Security, my portfolio stopped loading completely.
Because I can’t afford to have my portfolio offline, I removed Solid Security. The gallery started showing again, but as soon as I clicked on another portfolio item, it would freeze. In the end, I had to restore a backup of my website to fix everything.
There may be a configuration that resolves this, but I couldn’t figure out what was causing the conflict. I’m sure Solid Security is a solid plugin overall, just sharing this so other Vimeo Gallery WordPress plugin users are aware of a possible issue.
Excellent plugin, looking forward to PHP 8.4 compatibility
by Reponse Studio·3 months ago
Great plugin overall, very solid and reliable in production.
When testing PHP 8.4, I’m seeing repeated deprecated notices (implicit nullable parameters) coming from Solid Security that can interfere with REST/AJAX responses in the admin. Everything is stable on PHP 8.3, so this looks like a PHP 8.4 compatibility gap rather than a configuration issue.
A future update addressing PHP 8.4 deprecations would be highly appreciated. Thanks for the continued work on this plugin.
CSS problem
by Ilya·5 months ago
By using next CSS rules
.auto-fold #wpcontent {
padding-left: 0;
}
#wpcontent {
padding-left: 0;
}
you break original WordPress CSS
#wpcontent {
height: 100%;
padding-left: 20px;
}- This topic was modified 5 months, 3 weeks ago by Ilya.
from happy to VERY disappointed
by jongveronique·6 months ago·1 reply
I used to be very happy with the plugin. It did exactly what it needed to do, even if setup was a bit of a challenge.
Now it broke one of my sites 3 weeks in a row. First an empty wp-config file, then an error in the .htaccess (with 2 sites) and this week only the homepage of the site was live and all others were nowhere to be found (404). I deactivated this plugin and all of a sudden the pages had returned.
I am afraid I’ll have to look for another security app.
Download Trends
Today: 13KYesterday: 18KThis week: 264KPeriod total: 4.5M
Compatibility
| WordPress | 6.5+ requiredTested up to 6.9.4 |
| PHP | 7.4+ required |
Version Adoption
v9.4
57.4%
v9.3
19.6%
Other
15.6%
v8.1
7.4%
Top Alternatives to Solid Security – Password, Two Factor…
Frequently Asked Questions
Changelog
9.4.7
- Bug Fix: Prevent email retry loops by ensuring the scheduled notification properties are saved.
Contributors
Plugin data sourced from WordPress.org. Analysis and metrics by PluginSift.