SecuPress Free — Sécurité WordPress



Protect your WordPress with malware scans; block bots & suspicious IPs. Get a complete WordPress security toolkit for free or as a pro plugin. SecuPress is GDPR compliant.

What’s the difference between free and pro version?
If you are proactive, our free WordPress security plugin is a great choice! No time to activate weekly scans? Then SecuPress pro is the way to go. Our plugin takes care of everything with automated tasks.

Here are some of our most popular features:

  • Anti Brute Force login
  • Blocked IPs
  • Pare-Feu
  • Security alerts (1)
  • Malware Scan (1)
  • Block country by geolocation (1)

We have included some features you won’t find in most WordPress security plugins:

  • Protection of Security Keys
  • Block visits from Bad Bots
  • Vulnerable Plugins & Themes detection (1)
  • Security Reports in PDF format (1)

You can check out Frequently Asked Questions or get in touch with our support. Want to know all about SecuPress? You can read our documentation here:

How will you know it works?
Well, we have a dedicated security scanner that will give you a clear security grade and report for your website. This way, you’ll know exactly what to fix.

WordPress Features

Security Audit
SecuPress is the only plugin with a full scanner able to fix the issues for you. And when it requires a decision from you, it will ask you before proceeding. With this feature, you can check 35 security points in 5 minutes and let us take care of the rest.

Once done, you get a security grade that gives you a clear idea of what your security level is. You can export this analysis in PDF format to share with others (clients or colleagues) (1).

Users & Login
This feature is the easiest way to make sure your users’ data is protected and to keep their accounts from being compromised. With this feature you can limit the number of bad login attempts, ban non-existing usernames login attempts and set a non-login time slot. SecuPress also makes sure you can avoid double logins and control your sessions.

SecuPress also adds a 2FA (Two Factor Authentication) because it’s almost a mandatory feature when it comes to WordPress security!

The plugin also gives you greater user and password control as you can set:

  • Password lifetimes for your users.
  • Enforce strong password use.
  • Forbid the use of vague usernames like www or admin.

Tired of bots finding your WordPress login page? Finally, don’t let bots find your login page, just move it with the famous Move Login plugin, now included in SecuPress.

Plugins and Themes
SecuPress helps you detect themes and plugins that are vulnerable or that have been tampered with to include malicious code. If you install one of these, your security module will send out an email alert and give you a warning in WordPress.

SecuPress takes security further by limiting plugin activation, deactivation, installation and removal in your production (live) website. Plugin and theme uploads via .zip files will be on lockdown as well to block off this easy hacking route.

WordPress Core
SecuPress reinforces the WordPress Core to keep it safe. The security plugin optimizes what’s under the hood to secure the config file by setting the proper parameters.

Sensitive Data
SecuPress secures content in many ways:

  • The plugin secures WordPress Endpoints and APIs by blocking bad requests for XML-RPC or REST API.
  • It blocks bad bots with its Robots Blackhole feature.
  • It provides an anti-hotlink feature to preserve your bandwidth.
  • The plugin packs 7 anti-disclose security modules to make sure no precious information is available to hackers in your PHP or WordPress itself.
  • Profile and SecuPress settings pages are password protected to keep sensitive information away from prying eyes.


  • SecuPress is one of the most efficient WordPress bouncer you’ll ever see!
  • The plugin blocks malicious incoming requests.
  • It blocks bad User Agents (no bad crawlers allowed).
  • Bad requests methods also get the boot in a single click.
  • URLs are kept in check: no bad URL contents.
  • SQL injection scanners are kept out as well.
  • Brute force attempts are stopped in their tracks.
  • GeoIP Blocking by country gives you more control over your traffic.

Malware Scan
SecuPress has a unique malware scan developed by our security experts. It hunts down bad files and provides you with an easy step-by-step report that lets you take action. It looks into:

  • Bad files in your FTP.
  • Your uploads folder for dangerous files.
  • Potential phishing attempts via index.php loads.

We know firsthand how painful it is to pick up the pieces after an attack damages your WordPress. SecuPress preserves your data to help you avoid lost content or settings if your website comes under attack. The plugin backs up your database and files and lets you download them to guarantee you peace of mind.

Anti Spam
Did you know that 60% of the traffic on the Internet is generated by bots? Most of them happen to be spam bots. We developed our own anti-spam system that works quietly in the background. Just activate it and enjoy a spam free experience.

Alerts are an essential tool when your website is under attack. When something important happens on your website, SecuPress will send you an alert via email. We’re working on alerts via SMS, Slack & Twitter as well.

You also receive a daily report that provides a debrief of the attempted attack and all the activities blocked by SecuPress.

Scheduled Security Tasks
SecuPress can run 3 separate scheduled tasks for you. It’s like having a security patrol on your WordPress.

Scheduled Scanner: SecuPress scans your website to detect any issues. After the scan is complete, you get a report in your inbox outlining any actions you have to take to protect your website.
Scheduled Backup: our team knows that everyone at one time or another forgets to back things up. We made it an automatic task to help ensure you always can recover from an attack with your content safe.
Scheduled Malware Scan: this security feature scans your website at regular intervals to hunt down any malware that may have gotten into your WordPress.

SecuPress will keep a log of important security activities and 404 pages triggered by users, bots or even Chuck Norris. This lets you keep an eye on what’s going on in your WordPress at any time. You can also control banned IPs from this option.

(1) Available in the Pro Version.

(SecuPress est une extension de sécurité WordPress française)

Captures d’écran

  • All modules from SecuPress
  • A module page (here is Users & Login)
  • Le premier scan
  • La 1ère étape: résultat du scan
  • La 2ème étape: choisissez ce que voulez corriger automatiquement
  • SecuPress is fixing issue for you
  • The 3rd step: manual fix, when you have to decide something
  • The 4th step: final report, you can export it as PDF (1)


It’s important to delete all other security plugins before activating SecuPress.

  1. Upload the plugin files to the /wp-content/plugins/secupress directory, or install the plugin through the WordPress plugins screen directly.
  2. Activate the plugin through the ‘Plugins’ screen in WordPress.
  3. Use the SecuPress->Settings screen to configure the plugin.


What does SecuPress do, exactly?

SecuPress est une extension pour les sites WordPress qui amène une meilleure sécurité sans sacrifier l’utilisation. C’est simple à utiliser pour vous et difficile à pirater pour les hackers. D’abord SecuPress scanne votre site, cherche les vulnérabilités et fourni un rapport détaillé sur la façon de renforcer la sécurité de WordPress. La majorité des recommandations sont simples à mettre en place via une simple case à cocher, peu de manipulations sont à faire manuellement.

What makes SecuPress better than any other security plugin?

SecuPress protège votre site sur plusieurs fronts : anti spam, double authentification. La meilleure fonctionnalité pour les utilisateurs et sa simplicité d’utilisation. Vous n’avez pas à être un technicien expérimenté pour utiliser et sécuriser votre WordPress comme un expert !

Nos alarmes de sécurité hébergées sur nos serveurs amènent des données des vulnérabilités récentes des extensions et thèmes. Cela permet de toujours être attentif et sécurisé.

Is SecuPress compatible with multisites installation?

Yes, SecuPress can be activated for all your sub-sites, just activate it from your main network site.

Est-ce que SecuPress est compatible avec tous les hébergeurs ?

Oui, SecuPress est compatible avec tous les hébergeurs comme WP Serveur, OVH, Siteground, BlueHost, PlanetHoster, WP Engine, O2Switch ou GoDaddy. SI vous rencontrez un problème, n’hésitez pas à contacter l’équipe du support.

Est-ce que SecuPress est compatible avec toutes les extensions de cache comme WP Rocket, W3 Total Cache, WP Super Cache ?

Yes, SecuPress is compatible with all WordPress caching plugins. If you encounter an issue, do not hesitate to contact our support team.

Is SecuPress compatible with all multilingual plugins like PolyLang, WPML, qTranslate?

Oui, SecuPress est compatible avec toutes les extensions WordPress multilingue comme PolyLang, WPML, qTranslate. SI vous rencontrez un problème, merci de contacter l’équipe de support.

Is SecuPress compatible with all server engines like Apache, Nginx, IIS7?

Yes, SecuPress is compatible with all server engines. If you encounter an issue, do not hesitate to contact our support team.

Is SecuPress compatible with other security plugins like WordFence, iThemes Security, Bullet Proof Security?

La réponse est non. SecuPress n’est pas compatible avec d’autres extensions de sécurité. Tout comme 2 extensions de cache ne rendrons pas le site plus rapide, 2 extensions de sécurité ne rendent pas votre WordPress plus sécure. Les règles de sécurité pourraient être en conflit si 2 extensions étaient installées. Ceci peut causer des erreurs et ce n’est pas recommandé.


29 juillet 2019
As a paying customer of SecuPress I had good experiences with support and the plugin. But over the last months issues have not been resolved and the support delayed or did not resolve the issue at all. My client received almost 2000 2Auth mails in his mailbox and the developer stated that this issues could not be replicated. During investigating the issue the developer just went on vacation and it took almost 2 weeks before he responded. He promised to resolve things in version 1.5. In the meanwhile I had to find a resolution for the 2Auth option. When I asked him to install a 2Auth plugin, I discovered it could interfere with the WooCommerce account login. Also a previous resolved issue with the log display of the plugin occured again. Although this should be resolved in the plugin update. As I had no confidence in issues being resolved, I asked for a refund because I had just paid for the subscription renewal. But SecuPress offered nu refund or any financial compensation for the plugin malfunction. The only response was that I had to stay confident and they would be trying to resolve things. Also they called my installations messy which is just utter nonsence. So after almost 3 years of plugin membership I decided to take the financial loss as I cannot take the risk for my company and clients to be exposed to these uncertainties.
20 juin 2019
All too often follow on support for WP-plugins are lethargic at best. SecuPress has always promptly responded to simple questions and complex support issues. This latest update solved a major issue I was having and added a feature that I had only mentioned in passing. No more spoon feeding single IP's. SecuPress now allows multi-line entry of wide range of IP and IP range formats. This was well beyond expectations and is a much welcomed feature. Thank you!
11 juin 2019
I tried several security plugins before settling on SecuPress. It is capable, secures my site, lets me see which IPs are attacking my site. The other security plugins I found were either too expensive or far too high an impact on performance. For me SecuPress is perfect and security is very important to me - highly recommended and the support was great too.
4 juin 2019
Le SAV est très compétent, rapide et patient avec les débutants. Interface facile de prise en main. Je recommande.
2 juin 2019
J'adore ! Faudrait ajouter une option pour le HTTPS ^^ Je le recomande !!! Frank, le blog du helpeur
Lire les 75 avis

Contributeurs & développeurs

« SecuPress Free — Sécurité WordPress » est un logiciel libre. Les personnes suivantes ont contribué à cette extension.


“SecuPress Free — Sécurité WordPress” a été traduit dans 3 locales. Remerciez l’équipe de traduction pour ses contributions.

Traduisez « SecuPress Free — Sécurité WordPress » dans votre langue.

Le développement vous intéresse ?

Parcourir le code, consulter le SVN dépôt, ou s’inscrire au journal de développement par RSS.



  • 26 August 2019
  • New Feature#736: Do not allow User Creation
  • Fix#737: Blacklist IP didn’t worked as expected, fixed now.
  • Fix#733: Add a try/catch on shell_exec test to prevent fatal errors (seems that functions_exists is not enough oO)
  • Improvement#734: Prevent the plugin to be tagged as malicious because of all the « bad words » contained in the code