WPSEC
EN
Client Login

16. Februar 2026

5 Essential Security Settings After Installing WPSEC

After installing WPSEC Security, these five settings will significantly improve your site protection.

1. Set Up Email Notifications

Go to WPSEC → Settings → Notifications and configure your alert email address. Enable at least:

  • Brute-force attack alerts
  • Weekly security report
  • New critical findings

2. Whitelist Your IP Address

Navigate to WPSEC → Firewall and add your office or home IP to the whitelist. This prevents accidental lockouts during active development or content editing.

3. Apply the Basic Hardening Profile

Go to WPSEC → Hardening and select the Basic profile. This applies essential security measures that are safe for all WordPress sites.

4. Disable XML-RPC If Not Needed

Unless you use the WordPress mobile app or Jetpack, disable XML-RPC under WPSEC → Hardening. XML-RPC is one of the most targeted endpoints for brute-force attacks.

5. Enable Scheduled Scans

In WPSEC → Settings → Scans, enable weekly automatic scans. This ensures new security issues are detected promptly without manual intervention.

With these five settings configured, your site is well-protected against the most common WordPress attacks.