GD Security Toolbox


Proactive protection and security hardening

A collection of many security related tools for .htaccess hardening with security events log, ReCaptcha, firewall, and tweaks collection, login and registration control and more.

Current release
Version: 2.8.1
Date: 2021.04.20
First released
7 years, 6 months ago
System Requirements
PHP: 7.0
WordPress: 5.0
or ClassicPress: 1.0
bbPress: 2.5
Enabled on the network level

Pro-active Security

Security tools to help you prevent serious website attacks and spam overload.

Addons Architecture

The plugin has several core features, and most other features are optional and they can be enabled or disabled

Security Events Log

All sorts of the information gathered by the plugin is logged in security log and can be used for audit and actions

Banned IP Log

You can ban IP’s based on the logged activity, and the IP’s on the ban list will not be able to access your website.

Registration Control

Control the account registration process using varius filters and detection methods to stop bots from registering.

DNSBL Support

Check various data against different online services to identify spam sources and malicious servers.

Security Notifications

Get instant or digest notifications for all or for only selected events logged in the plugin’s security log.


Always active feature with several types of scanner to identify various types of attacks and exploit attempts.

Ban any IP

Ban IP’s from security log, or use simple control on plugin’s dashboard to ban any IP permanently or temporary.

Security Scanners

Access to several online third party security scanners that can give you overview of various security related information.

Antispam Tools

Wide range of tools to detect and stop spam

Stop Spam

Plugin has many different filters to determine if the submitted content is spam, and even ban IP source of the spam.

For Comments and Trackbacks

Scan content of comments, including analysis of email, website URL, check IP against online services to detect spam.

For Gravity Forms

All the same methods as for the comments spam detection, but applied against the GravityForms entries.

For bbPress Forums

And, detect spam for topics and replies, using similar scan methods as for the comments, with option to mark users as spammers.

Banned Keywords Rules

Maintain the list of banned (and allowed) keywords for content, username, domain and email analysis.

Automatic IP banning

Set up the rules for the banning of IP’s (permanent and temporary with time limit) for all anti spam tests.

Security Headers

Security tools are all available as addons you can disable or enable if needed.

Content Security Policy

Powerful security header defining allowed types of content and sources for the content. Also known as CSP.

XSS Protection

Security header for protection agains the cross-site exploits (XSS) with various options to define the header format.

Permissions Policy

New type of security header defining various features and which of them are allowed or blocked.

And More Headers

And several more important security headers that can easily the enabled and configured for inclusion.

Log CSP/XSS reports

CSP and XSS errors are reported by browsers, and plugin can log them for analysis later (and tweaking of the rules if needed).


All headers are generated on each page request, or they can be added to the .HTACCESS file.

More Security Features

Security tools are all available as addons you can disable or enable if needed.

Integrity Scanner

Scan WordPress core files, free plugins and themes, Dev4Press plugins for integrity and mark invalid or modified files.

Malware Scanner

Series of various malware detection tests run against files of the website (targetting PHP and JS files).

Security Tweaks

Collection of various small features for control over XMLRPC, headers, HTTP requests and more.

Username Trap

Log all attempts at using predefined list of usernames that are not allowed. Ban IP’s with repeated attempts.

Login Honeypot

Add honeypot protection to WordPress login form as a simple way of detecting bots attempting to login.

Plugins Bridge

Get security related information from third party plugins that support connecting with GD Security Toolbox.

Login Limit

Control number of failed login attempts, and control it using throttle, or ban offending IP’s for too many failures.

Live Monitor

Show real time logged security events with the geo location displayed on the Worldmap, with the basic security related actions.

.HTACCESS Hardening

Collection of many .HTACCESS related rules, including many firewall related for hardening website security.

Spread the word about this plugin, share on social networks:

Knowledge Base and Support

Knowledge Base

To get help for this plugin, start with FAQ and the Knowledge Base.

Knowledge Base

Support Forums

If you need help with the plugin or to report problems, use support forums.

Support Forum

Request Demo

Do you have doubts about whether this plugin is right for you? Test it first.

Request Demo

Plugin Translations

Plugin's basic language is English. The plugin is translation ready, with empty POT file with all the string included in the plugin directory.

The plugin also includes full or partial translations for:
Dansk (Danish), Deutsch (German), Deutsch Schweiz (German, Switzerland), Español (Spanish, Spain), Español de Argentina (Spanish, Argentina), Español de México (Spanish, Mexico), Français (French), Français de Belgique (French, Belgium), Français du Canada (French, Canada), Italiano (Italian), Nederlands (Dutch), Polski (Polish), Português (Portuguese, Portugal), Português do Brasil (Portuguese, Brazil), Русский (Russian).

It is possible that plugin has some minor spelling issues, mistypes words and other issues. Please, report any problems you find, and they will be fixed, and POT file updated when needed.

You can join the translations project for this plugin, and help with translating it to your native language. You can read more about it here: Plugin Translations.

Translations on

Plugin Accessibility

Plugin Accessibility Status

Front End: Not Applicable
Admin Side: Yes

Report Accessibility Issues

Web accessibility is increasingly important factor in web development, and with the accessibility support you are making sure that people with disablities are able to use your website. Developing for accessibility is one of the priorities on Dev4Press, and we are using WCAG guidelines and approved tools to test our plugins and improve accessibility for on both admin side and the front end (for plugins with front end controlls and features).

Keep in mind that there still might be some accessibility issue with the plugin, and if you find any, please report them via support forum, and such report will be given highest priority, and issue will be fixed as soon as possible.

More Features

Settings Import and Export

All Dev4Press premium plugins have a set of easy-to-use tools to export all plugin settings into files with JSON serialization. And you can export settings from that file. This way, you can keep your settings safe or transfer settings from one website to another.

Browser Compatibility

All our plugins are compatible with all popular internet browsers. This includes Google Chrome, Mozilla Firefox, Apple Safari, Opera, and Microsoft Edge, all tested across different operating systems and desktop and mobile devices.

Regular Updates

All Dev4Press premium plugins are constantly developed and will receive regular updates to fix reported bugs, fix any security issues, and enhance and improve every aspect of plugins. And using our Updater plugin, you can update directly from WordPress.

Complete Localization

All Dev4Press free and lite plugins have a WordPress standard PO/MO translation system implemented, making it easy to translate into any language. Depending on the plugin, translations can be split into two or more files for easier translation handling.

Excellent Support

One of our primary goals is to provide the best support possible. This includes an active support forum, priority support (for Agency license), and an ever-expanding knowledge base and FAQ to ensure you get all the information you need for our plugins.

Secure and Clean Code

All Dev4Press premium plugins are coded using best coding practices, with code tested for all potential security problems. We are constantly working on maintaining full WordPress compatibility and the highest level of security for all our products.

Discover more Dev4Press plugins



Generate all sorts of demo data for WordPress

GD bbPress Tools

GD bbPress Tools

Enhancing WordPress forums powered by bbPress

GD bbPress Attachments

GD bbPress Attachments

Attachments for forums powered by bbPress

GD Knowledge Base Pro

GD Knowledge Base

The knowledge base plugin you have been waiting for