WP – Security Tool Kit

Install, Activate, and Updates

There are two ways of installing a module in WordPress. You can install it through the “Plugins Page” or via FTP.
ATTENTION, for FTP installation, it is recommended to contact your WP specialist.



Visit your WordPress Plugins page and click “Add New”




In the new page that has opened, click “Upload Plugin”



Click the “browse” or “choose file” button. Then, select the ZIP file containing the plugin that you want to upload to your WordPress. Once uploaded, click the “Install Now” button



Finally, to use the module you will have to activate it. To do so, please, click on “Activate”. If you need to uninstall the module, please click the “Delete” button



Module Configuration

The Security Tool Kit module has a set of protections systems. You can activate them all at once or one by one. Let’s see how to set up every part of the module.

Google Authenticator


Google Authenticator protects your WordPress backend with a random code. The code will be shown in the Google Authenticator app that you can download for Android in Play Store or for IOS in the App Store.
If you set up 2-Step Verification, you can use the Google Authenticator app to receive codes even if you don’t have an Internet connection or mobile service.


Ipad and Iphone:



You will have to “Enable” this part of the module and scan the QR Code to sync with your Google Authenticator application:



Login Security


Login Protection

  • Basic Protection

By activating Basic Protection, you are giving less clues when login fails.

  • Hide wp-login URL

By activating Hide WP-Login URL, you are changing the standard URL login. Attackers won’t be able to arrive to your login page using the /wp-admin/ path.




  • Enable Firewall

When enabling the Firewall, you will be able to limit the number of login attempts and ban IP’s or/and countries.


Double Authentication

When enabling Double Authentication you auto-logout all users every 3 days.
For more security, you can also activate a second login screen. This extra screen will request a “secret word” before letting the user enter the admin panel.




ReCAPTCHA protects your WordPress by preventing abuse using challenges or automated scores.


Once setup, it will look like this:



Depending on the module, updates can be done through 2 ways:

  • Update via WebService
  • Update via module replacement



Let us know through our contact page or through help@ferrermasson.com


Want your questions answered?