Proactive protection and security hardening

Deploy a wide array of security measures to stop spam registrations, spam content, various types of malicious threats, limit and ban access to repeated offenders and more.

coreSecurity Pro ScreenshotcoreSecurity Pro ScreenshotcoreSecurity Pro ScreenshotcoreSecurity Pro ScreenshotcoreSecurity Pro Screenshot
Latest Plugin Release
Version: 1.9
Date: 2024.05.17
Plugin First Released
6 months, 7 days ago
Basic Requirements
PHP: 7.4
WordPress: 5.8
WordPress Multisite
Enabled on the network level

Modular Security

The plugin is based around features that can be disabled if not used. The plugin has Setup Wizard to get you started with basic settings and features configuration.


coreSecurity is based on the feature’s implementation, with the ability to disable features you don’t need.

Multisite Support

The plugin fully supports the WordPress Multisite network, and it works as a network-wide plugin.

coreActivity Integration

coreSecurity depends on the coreActivity plugin for all the security events logging, and it is deeply integrated with it.

Security Tweaks

coreSecurity Tweaks feature has 10+ tweaks for changing various aspects of WordPress for increased security.


The plugin can add security headers, other security features, and firewall into .HTACCESS file (Apache and Litespeed).

Banning IPs

The plugin can auto-ban offending IPs based on various logged security-related activities or ban them yourself.


Connect all your websites via the Bridge to share the banned IPs between them, or get banned IPs from Dev4Press API.


Find all known vulnerabilities in PHP and WordPress, as well as plugins and themes affecting the versions on your website.


Database with 6000+ items, filters, and regular expressions used for firewall, antispam, and other features.

Security Features

The plugin has over 20 features, allowing you to use only what you need: Inspector Tools, direct integration with the coreActivity plugin for security logs, and much more.

Version 1.4 has 27 Features

9 Antispam Features

18 More Security Features

11 Security Headers

Explore the Features

Core Security is built around features, with five features always active, and the rest can be enabled if used. Each feature has its own settings panel with a wide range of fine-tuning options.

Get coreSecurity Pro License
Proactive protection and security hardening

Antispam Features

The plugin has 9 Antispam features with additional shared Antispam Core feature.

Antispam Measures

The plugin has a wide range of antispam filters and scanners; it can detect spam by using DNS and third-party services.

WordPress & bbPress

The plugin can integrate with WordPress comments and trackbacks, and bbPress topics and replies to fight spam.

Forms Plugins

Currently, it supports detecting spam in Gravity Forms, Contact Form 7, Formidable, WPForms, and Forminator plugins.

Security Headers

The plugin has 4 Security Headers features, with CSP Report Logs for the Content Security Policy and NEL Reports for Network Error Logging.

Content Security Policy

CSP is a very important security header that can be challenging to adjust, and coreSecurity tries to make that easier.

Permissions Policy

This security header is still not widely supported, but configuring it is increasingly important.

More Security Headers

This feature includes eight additional security headers; all are easy to configure, with very few settings.

Network Error Logging

NEL is a new security header supported by Chrome and Chromium-based browsers for website connectivity errors.

NEL Error Types

NEL errors are related to DNS, TLS/SSL, HTTP, and TCP issues when interacting with your website.

NEL Reports

The plugin can log all NEL reports and display them in the dedicated panel with details about each report.

Advanced CSP Settings

The plugin allows you to configure the Sandbox part of the policy and flags for insecure content.

Predefined CSP rules

To help set the rules, the plugin includes a library of 60+ popular services that are already configured.

CSP Reports Log

The plugin can log all browser-reported violations to the CSP policy for later analysis and updates.

Security Logs

Extended from coreActivity logs, Security Logs are crucial in analyzing security-related events and taking additional actions. coreSecurity adds over 20 new events into coreActivity for security-related tracking. Various security features use these events.

Get coreSecurity Pro License
Proactive protection and security hardening

Registration & Login Control

Control who can register accounts with advanced filters to stop spammers and control the log in process to eliminate brute force attacks.

Registration Control

Stop spammers registering accounts on your website with a wide range of filters and the use of online services.

Login Limiter

Stop brute force login attempts by limiting the number of failed login attempts for each IP and ban repeat offenders.

Login Honeypot

Use the simple method to protect the login form and eliminate spam bots from logging in to your website with the honeypot field.

Integrity & Malware File Scanner

File Scanner can scan all the website files to check file integrity and scan eligible files for malware.

Integrity Scanner

File scanner runs integrity scan for WordPress core, plugins from WordPress repository, and Dev4Press plugins.

Malware Scanner

Files that fail integrity scan and files that have not been scanned for integrity will be run through Malware Scanner.

Malware Patterns

The plugin features over 400 patterns for malware detection, and it will be updated in future releases.

The File Scanner can scan and present results; it can’t restore or clean infected files. The cleanup of infected files should be done only by experienced expert!

All Dev4Press premium plugins share these features

Settings Import and Export

Tools to export all plugin settings into file with JSON serialization. You can import settings from that file. This way, you can keep your settings safe or transfer settings between websites.

Dev4Press Library

Dev4Press Shared Library contains code and libraries for implementing unified admin interface, reusable code to speed up plugin development, handle plugin settings and more.

Regular Updates

Regular updates to fix reported bugs, fix any security issues, and enhance and improve every aspect of plugins. And using our Updater plugin, you can update directly from WordPress.

Complete Localization

Using WordPress standard PO/MO translation system, making it easy to translate into any language. Dev4Press includes GlotPress instance to handle translations for all the plugins.

Excellent Support

One of our primary goals is to provide the best support possible. This includes an active support forum and ever-expanding knowledge base to you get all the information you need.

Secure and Clean Code

Made with best coding practices, tested for potential security problems. We are constantly working on maintaining full WordPress compatibility and the highest level of security.

Get coreSecurity Pro License
Proactive protection and security hardening

coreSecurity Blog & Support Resources

Get the latest news and blog posts, access the plugin documentation and support forums.

Discover more Dev4Press plugins