Everything you need to know about Saurity WordPress security plugin
Saurity is a free, open-source WordPress security plugin that provides enterprise-grade protection without the risk of locking out administrators. Version 1.1.0 adds cloud integration with Cloudflare, GeoIP blocking, threat intelligence feeds, plus progressive rate limiting, advanced firewall protection, honeypot detection, and emergency recovery systems.
Yes, Saurity is 100% free and open source under the MIT license. There are no premium versions, upsells, or hidden costs. All features are available to everyone at no charge.
Saurity is the only WordPress security plugin that guarantees administrators will never be locked out. It uses progressive rate limiting instead of instant blocking, plus offers cloud integration with Cloudflare, GeoIP country blocking, and threat intelligence feeds - all for free. No premium upsells, no hidden costs.
Yes! Saurity works out of the box with sensible defaults. No complex configuration is required, though advanced users can customize settings to their needs.
Download the plugin from GitHub, upload it to your WordPress site via the Plugins → Add New → Upload Plugin menu, and activate it. Full installation instructions are available in our documentation.
Saurity requires WordPress 6.0 or higher and PHP 8.0 or higher. It works on all major hosting platforms including shared hosting, VPS, and dedicated servers.
No, Saurity works immediately after activation with secure default settings. However, you can customize rate limiting thresholds, IP whitelists, email alerts, and other settings in the plugin dashboard.
While Saurity provides comprehensive protection on its own, it can coexist with other security plugins. However, we recommend using Saurity as your primary login security solution to avoid conflicts.
Progressive rate limiting increases the delay between login attempts exponentially (1s → 2s → 4s → 8s → 16s) instead of blocking users entirely. This discourages attackers while ensuring legitimate users never lose access.
No. Saurity guarantees that administrators with correct credentials can always log in, even during active brute force attacks. This is our unique value proposition.
Emergency recovery provides a special URL that allows you to regain access to your WordPress dashboard even if you are locked out. It uses secure token-based authentication to ensure only authorized users can access it.
Saurity provides comprehensive protection against brute force attacks, XML-RPC exploits, SQL injection, XSS attacks, and bot traffic. While no security solution can guarantee 100% protection, Saurity significantly reduces your attack surface.
Honeypots are invisible form fields that only bots fill out. When a bot is detected via honeypot, Saurity can block or slow down their requests, stopping 99% of automated attacks with zero false positives.
Yes, you can whitelist specific IP addresses or CIDR ranges to ensure they are never rate-limited or blocked. This is useful for office IPs or trusted locations.
Unlike Wordfence, Saurity never locks out administrators and has no premium upsells. Saurity is also lighter on server resources and completely open source. See our detailed comparison page for more information.
If you have ever been locked out of your own WordPress site or frustrated by constant premium upgrade prompts, Saurity is the better choice. We offer all essential security features without the frustration.
Yes, you can safely deactivate your existing security plugin and activate Saurity. Your site will be protected immediately with no downtime.
You will not have access to logs from your previous plugin, but Saurity starts logging all security events immediately upon activation.
No. Saurity is highly optimized with minimal performance impact (<1ms response time). It is designed to protect your site without adding noticeable overhead.
Yes, Saurity is lightweight and works perfectly on shared hosting environments. It uses less than 5MB of memory.
Yes, Saurity works seamlessly with WooCommerce and protects both customer and admin login areas without interfering with the checkout process.
Yes, Saurity is fully compatible with WordPress multisite networks.
If you are an administrator, you should never be locked out. However, if you are experiencing issues, use the emergency recovery URL feature or contact support through GitHub.
Check your WordPress email settings and spam folder. Ensure your hosting provider allows outgoing emails. You can also configure SMTP for better email delivery.
Navigate to the Saurity dashboard in your WordPress admin panel. All security events, blocked attempts, and system status are displayed in real-time.
Yes, Saurity allows you to export security logs for analysis or compliance purposes.
No. Saurity is completely free with no premium version or paid upgrades. All features are available to everyone.
Saurity is released under the MIT license, which means you can use, modify, and distribute it freely, even for commercial purposes.
Yes, community support is available through GitHub Issues. We actively maintain the project and respond to questions and bug reports.
Absolutely! Saurity is open source and we welcome contributions. Check out our GitHub repository to get started.
Yes, you can configure failure thresholds, delay durations, timeout periods, and more in the plugin settings.
Yes, both whitelist and blacklist support CIDR notation for managing IP ranges efficiently.
Yes! Version 1.1.0 includes built-in Cloudflare integration for automatic blocklist sync, GeoIP services (MaxMind, IP2Location, DB-IP), and threat intelligence feeds from AbuseIPDB and Spamhaus. Configure these in the Cloud settings tab.
Currently, Saurity does not expose a public API, but this may be added in future versions based on community demand.
We are here to help! Check out our documentation or reach out to the community.
Download Saurity and protect your WordPress site in minutes.
Download v1.1.0 FreeNo credit card required • 100% free forever • Open source GPL v2 license