FP Site Security
by Joseph Mendez 1 (0 reviews)

FP Site Security

Lightweight WordPress security: login defense, firewall, malware scans, file monitoring, and local backups — all running on your own site.

Compatible with WP 7
v1.0.9 Current Version v1.0.9
Updated 1 month ago Last Update on 17 Jun, 2026
Refreshed 8 hours ago Last Refreshed on
View on WordPress.org
Rank
#56,091
No change
Active Installs
1+
No change
KW Avg Position
87
No change
Downloads
132
+3 today
Support Resolved
0%
No change
Rating
20%
Review 1 out of 5
1 (0 reviews)

Next Milestone 10

Total Progress 20%
0+ 10+
55,127
Ranks to Climb
-
Growth Needed
8,000,000
Active Installs
Pro

Unlock Exact Install Count

See the precise estimated active installs for this plugin, calculated from real-time ranking data.

  • Exact install estimates within tiers
  • Track install growth over time
  • Milestone progress predictions
Upgrade to Pro
Need 8 more installs to reach 10+

Rank Changes

55,944 56,262 56,580 56,898 57,216 11-07-2026 12-07-2026 13-07-2026 14-07-2026 15-07-2026 16-07-2026 17-07-2026 18-07-2026
55,944 56,262 56,580 56,898 57,216 03-07-2026 04-07-2026 05-07-2026 06-07-2026 07-07-2026 08-07-2026 09-07-2026 10-07-2026 11-07-2026 12-07-2026 13-07-2026 14-07-2026 15-07-2026 16-07-2026 17-07-2026 18-07-2026
55,944 56,262 56,580 56,898 57,216 18-06-2026 19-06-2026 20-06-2026 21-06-2026 22-06-2026 23-06-2026 24-06-2026 25-06-2026 26-06-2026 27-06-2026 28-06-2026 29-06-2026 30-06-2026 01-07-2026 02-07-2026 03-07-2026 04-07-2026 05-07-2026 06-07-2026 07-07-2026 08-07-2026 09-07-2026 10-07-2026 11-07-2026 12-07-2026 13-07-2026 14-07-2026 15-07-2026 16-07-2026 17-07-2026 18-07-2026
55,944 56,262 56,580 56,898 57,216 19-04-2026 20-04-2026 21-04-2026 22-04-2026 23-04-2026 24-04-2026 25-04-2026 26-04-2026 27-04-2026 28-04-2026 29-04-2026 30-04-2026 01-05-2026 02-05-2026 03-05-2026 04-05-2026 05-05-2026 06-05-2026 07-05-2026 08-05-2026 09-05-2026 10-05-2026 11-05-2026 12-05-2026 13-05-2026 14-05-2026 15-05-2026 16-05-2026 17-05-2026 18-05-2026 19-05-2026 20-05-2026 21-05-2026 22-05-2026 23-05-2026 24-05-2026 25-05-2026 26-05-2026 27-05-2026 28-05-2026 29-05-2026 30-05-2026 31-05-2026 01-06-2026 02-06-2026 03-06-2026 04-06-2026 05-06-2026 06-06-2026 07-06-2026 08-06-2026 09-06-2026 10-06-2026 11-06-2026 12-06-2026 13-06-2026 14-06-2026 15-06-2026 16-06-2026 17-06-2026 18-06-2026 19-06-2026 20-06-2026 21-06-2026 22-06-2026 23-06-2026 24-06-2026 25-06-2026 26-06-2026 27-06-2026 28-06-2026 29-06-2026 30-06-2026 01-07-2026 02-07-2026 03-07-2026 04-07-2026 05-07-2026 06-07-2026 07-07-2026 08-07-2026 09-07-2026 10-07-2026 11-07-2026 12-07-2026 13-07-2026 14-07-2026 15-07-2026 16-07-2026 17-07-2026 18-07-2026
Current #56,091
Change
Best #

Upgrade to Pro

Unlock 30-day and 90-day rank history charts with a Pro subscription.

Upgrade Now

Active Installs Growth

Active Installs 0,000,000+
Growth +0.0%
Peak 0,000,000

Downloads Growth

0 10 11-07-2026 12-07-2026 13-07-2026 14-07-2026 15-07-2026 16-07-2026 17-07-2026 18-07-2026
0 10 03-07-2026 04-07-2026 05-07-2026 06-07-2026 07-07-2026 08-07-2026 09-07-2026 10-07-2026 11-07-2026 12-07-2026 13-07-2026 14-07-2026 15-07-2026 16-07-2026 17-07-2026 18-07-2026
0 10 20 18-06-2026 19-06-2026 20-06-2026 21-06-2026 22-06-2026 23-06-2026 24-06-2026 25-06-2026 26-06-2026 27-06-2026 28-06-2026 29-06-2026 30-06-2026 01-07-2026 02-07-2026 03-07-2026 04-07-2026 05-07-2026 06-07-2026 07-07-2026 08-07-2026 09-07-2026 10-07-2026 11-07-2026 12-07-2026 13-07-2026 14-07-2026 15-07-2026 16-07-2026 17-07-2026 18-07-2026
0 10 20 30 40 19-04-2026 22-04-2026 25-04-2026 28-04-2026 01-05-2026 04-05-2026 07-05-2026 10-05-2026 13-05-2026 16-05-2026 19-05-2026 22-05-2026 25-05-2026 28-05-2026 31-05-2026 03-06-2026 06-06-2026 09-06-2026 12-06-2026 15-06-2026 18-06-2026 21-06-2026 24-06-2026 27-06-2026 30-06-2026 03-07-2026 06-07-2026 09-07-2026 12-07-2026 15-07-2026 18-07-2026
0 10 20 30 40 18-07-2025 30-07-2025 11-08-2025 23-08-2025 04-09-2025 16-09-2025 28-09-2025 10-10-2025 22-10-2025 03-11-2025 15-11-2025 27-11-2025 09-12-2025 21-12-2025 02-01-2026 14-01-2026 26-01-2026 07-02-2026 19-02-2026 03-03-2026 15-03-2026 27-03-2026 08-04-2026 20-04-2026 02-05-2026 14-05-2026 26-05-2026 07-06-2026 19-06-2026 01-07-2026 13-07-2026 18-07-2026
Downloads
Growth
Peak

Upgrade to Pro

Unlock 30-day, 90-day, and yearly download history charts with a Pro subscription.

Upgrade Now

Reviews & Ratings

1.0
0 reviews
Overall 20%
5
0 (0%)
4
0 (0%)
3
0 (0%)
2
0 (0%)
1
0 (0%)

Tracked Keywords

Showing 1 of 1
Keyword Position Change Type Updated
malware scanner 87 Tag 2 days ago

Unlock Keyword Analytics

Track keyword rankings, search positions, and discover new ranking opportunities with a Pro subscription.

  • Full keyword position tracking
  • Historical ranking data
  • Competitor keyword analysis
Upgrade to Pro

Track This Plugin

Get detailed analytics, keyword tracking, and position alerts delivered to your inbox.

Start Tracking Free

Plugin Details

Version
1.0.9
Last Updated
Jun 17, 2026
Requires WP
6.0+
Tested Up To
7
PHP Version
7.4 or higher
Author
Joseph Mendez

Support & Rating

Rating
★ ☆ ☆ ☆ ☆ 1
Reviews
0
Support Threads
0
Resolved
0%

Keywords

Upgrade to Pro

Unlock keyword rankings, search positions, and detailed analytics with a Pro subscription.

Upgrade Now

Frequently Asked Questions

Common questions about FP Site Security

It hardens login (brute-force lockout, optional two-factor), runs a built-in firewall with country and IP blocklists, scans your files for malware signatures and integrity changes, offers optional WordPress.org checksum and update verification when you opt in, takes scheduled local backups, and sends you alerts when something looks wrong.
No. Activate the plugin and the defaults turn on login protection, the firewall, and local file integrity monitoring. WordPress.org verification lookups are off by default and must be enabled explicitly. There's no signup, no API key, and no paid tier.
By default it does not send visitor IP addresses to third-party geo-location services. Country-based checks only work when your stack already provides country data locally, such as the CF-IPCountry header from Cloudflare, an equivalent server-side header, or the optional PHP GeoIP extension. Slack, Sentry, Google reCAPTCHA, and WordPress.org verification requests are all feature-driven and only occur when the relevant feature is enabled or used.
Yes, but you need to opt in. By default the plugin trusts only REMOTE_ADDR, so behind a proxy every visitor will look like the proxy IP. To honor CF-Connecting-IP / X-Forwarded-For, set the trust_proxy_headers option to 1 and add your proxy IPs to trusted_proxy_ips (comma- or whitespace-separated). With WP-CLI: wp option patch update firssise_options trust_proxy_headers 1 and wp option patch update firssise_options trusted_proxy_ips "203.0.113.10, 203.0.113.11". Without an allowlist, forwarded headers are spoofable and the firewall would be trivial to bypass.
In the WordPress admin, go to FP Security → Security → Login Security. Scroll to the "Two-factor authentication" section, scan the QR code with any TOTP app (Google Authenticator, 1Password, Authy, Bitwarden), enter the 6-digit code in the "Verify code" field to confirm, and save. TOTP will be required on every subsequent login for that user.
The plugin generates an emergency unlock token on activation, stored in the firssise_options row of wp_options. Three ways to retrieve it: WP-CLI: wp option get firssise_options --format=json and copy the emergency_unlock_token value. phpMyAdmin / database: open the wp_options table, find option_name = 'firssise_options', and read the serialized array — the token is the value of emergency_unlock_token. Last resort (always works): rename the plugin folder via SFTP (firstpage-site-security → _disabled) to deactivate the plugin and log in normally. Once you have the token, append it to your login URL: /wp-login.php?firssise_unlock=YOUR_TOKEN. That bypasses the lockout for a single login. For repeated lockouts, raise the brute-force threshold in FP Security → Security → Login Security.
The default mode is "low resource" — scans run in background cron batches, not on visitor requests. The realtime watcher only fingerprints files modified in the last ten minutes and skips known-large directories like cache/ and upgrade/. On a small or medium site you should not see any measurable impact.
It records an event in the activity log, raises an admin notice, and (if you've enabled them) pushes notifications to Slack, Sentry, or your admin email. From the Findings panel you can quarantine the file or delete it after review.
You can, but you probably don't want to — two firewalls fighting over the same hooks tends to cause double-blocking, lockouts, and slow login. The plugin detects common security plugins on activation and shows a one-time admin notice listing what it found so you can pick one. There is no functional conflict, just duplicated work.
Deactivate the plugin from the Plugins screen, then delete it. The plugin's options, transients, and event log are removed by the uninstall hook. Backups stored under wp-content/uploads/firssise-backups/ are intentionally NOT removed automatically — delete them manually if you don't want them.

Sign In / Register

You need to sign in or register to use this feature.