Back to Downloads

WordPress Security Plugin

v1.1.2WordPressFree
5Defense Layers
28+Attack Patterns
38Malware Signatures
12Recovery Actions
17Features
100%Free

WordPress powers 43% of the web - and attackers know it. Default installations are vulnerable to brute force, SQL injection, XSS, and plugin-based supply chain attacks. Most security plugins address one or two attack vectors. Atlant Security addresses all of them.

Download Free (Plugin)WordPress - PHP 8.0 or higher - No account needed
WordPress Security Plugin screenshot 1
WordPress Security Plugin screenshot 2
WordPress Security Plugin screenshot 3
WordPress Security Plugin screenshot 4

Overview

Built on a 5-layer defense architecture - Pre-WordPress WAF, Application-Aware protection, Content & Config hardening, Outbound monitoring, and Response & Recovery - Atlant Security replaces 5-6 separate plugins with a single, cohesive security system.

The WAF inspects every request against 28+ attack pattern families before WordPress even loads. The malware scanner checks both files and database entries. Honeypot traps catch bots with zero false positives. And if the worst happens, the Post-Breach Recovery toolkit gives you 12 emergency actions in one place.

Features

Pre-WordPress WAF with 28+ attack pattern families - blocks threats before WordPress loads
Progressive brute force lockout (5 min > 30 min > 24 hours) with username enumeration prevention
Malware scanner with 38 signatures covering files and database - detects backdoors, webshells, crypto miners, and skimmers
Two-factor authentication (TOTP and Email OTP) with per-role enforcement and recovery codes
Honeypot traps - hidden links, fake login pages, comment honeypots with zero false positives
AI crawler management - control 20+ AI/LLM training crawlers with per-crawler toggles
Security headers management with letter-grade scoring (HSTS, CSP, X-Frame-Options, and more)
Session security with cookie hardening, IP + User-Agent fingerprint binding, and concurrent session limits
Rate limiter across 11 endpoint categories including login, REST API, and WooCommerce checkout
REST API per-route access control with authentication requirements and method restrictions
Outbound HTTP monitor preventing SSRF attacks and unauthorized connections
Post-breach recovery toolkit with 12 emergency actions including session termination and key rotation
Real-time visitor dashboard with 15-second auto-refresh and VirusTotal integration
Complete visitor log and tamper-resistant admin audit trail
WordPress hardening - disable XML-RPC, hide version, block file editor, block PHP in uploads
Setup wizard configures core security in under 2 minutes
Zero telemetry, zero phone-home, fully GDPR-compliant

Download WordPress Security Plugin

Plugin - WordPress - Free - No account required

Download Now

System Requirements

  • WordPress 6.0 or higher
  • PHP 8.0 or higher

Release Notes

v1.1.22026-03-30
  • Added About page with 5-Layer Defense Architecture and competitive features
  • Dashboard decluttered - informational panels moved to About page
  • Setup wizard no longer auto-redirects on activation
v1.0.72026-03-20
  • Inner sidebar navigation replaces 23 WordPress submenu items
  • Persistent left panel for all plugin pages
  • Responsive sidebar collapses on smaller screens
v1.0.02026-03-15
  • Initial release with 17 security modules
  • Web Application Firewall with 28+ attack pattern rules
  • Malware scanner, brute force protection, post-breach recovery
  • Real-time security dashboard