SiteLock WordPress Plugin

Fast to setup. Light to run. Harden WordPress the easy way.

Free on WordPress.org. Add essential security to your WordPress site with one plugin. Toggle WP-specific hardening, tighten login hygiene, see Site Health and run off-server cloud checks - all inside WP Admin.

What the free plugin includes:

  • Ready-to-apply WP-specific hardening toggles to reduce common attack paths
  • Built-in login hygiene: enforce strong passwords, limit brute-force attempts and session timeouts
  • View WordPress Site Health and cloud scan results* without leaving WordPress
  • On-demand scans and recurring cloud checks*

* Available after connecting a free SiteLock account

Add the plugin

Why WordPress needs protection

As the most popular platform, WordPress attracts attackers. Its plugin-driven flexibility widens the attack surface raises risk and maintenance overhead.

  • WordPress sites are 25% more likely to have vulnerabilities than non-CMS sites
  • WordPress sites are also 3.27× more likely to be infected
Source: SiteLock 2024 Website Security Report

Cloud checks + safe hardening help close common attack paths

How the SiteLock plugin helps secure WordPress

Keep WordPress protection simple, action-first, and light to run.

  • Action-first baseline - WordPress-specific hardening and core login protection in minutes - quick wins, not a maze of settings
  • Light footprint - Cloud checks run off your server so you stay fast - no heavy, on-server scans
  • Built for clarity - Site Health view with a security summary for an at-a-glance posture check
  • Assurance on demand - Run cloud security scans after changes for immediate visibility
GET STARTED FOR FREE

Wordpress website security made easy - How it works

Keep WordPress protection simple, visible and fast. The SiteLock WordPress security plugin adds lightweight controls in WP Admin and connects to cloud checks- so you can secure your site in minutes and stay confident day to day.

WordPress hardening

Toggle on WordPress specific hardening to cut common attack paths.

Login hygiene

Enforce password policies, throttle brute-force attempts and set session timeouts.

Site Health & activity in WP Admin

See Site Health; run on-demand scans and schedule recurring cloud checks (free SiteLock account required).

Free to start, easy to expand

Connect a free SiteLock account and add advanced protections later only when needed.

How to install the SiteLock plugin

Recommended

via WordPress Dashboard

  1. Log in to WordPress admin
  2. Plugins → Add New
  3. Search “SiteLock Security”
  4. Install Now → Activate
  5. Connect your free SiteLock account to enable Scan Now and recurring cloud checks
MANUAL INSTALL

from WordPress.org

Download SiteLock Security from WordPress.org and upload it to your site’s plugins.

Install & Uninstall Safety

Safe to install & remove

no code changes or theme conflicts. Revert toggles if you like, then uninstall. Your SiteLock account stays available on the web.

Upgrade any time. No re-install. No loss of settings.

Reduce your website security risks

Get started with SiteLock today

SiteLock quickly removes threats, restores functionality, and helps prevent future attacks, all backed by continuous monitoring and support.