All-In-One Security

WordPress Plugin Features

All-In-One Security plugin
The All In One WordPress Security and Firewall is​ a distinct plugin specialized in the security of WordPress sites, which has won the trust of millions of users of this platform.
Here we present a summary in which we explain about this plugin and the most important advantages it provides to the user.
We have used several sources in writing this summary, on top of which comes the official website of the developers, as well as the opinions of users on the site, in addition to our personal opinion based on our experience with it.


We include here the ​users rating and a summary of their opinions on this plugin, according to the site.

Final rating: 4.8 stars

Rating percentages:
5 stars: 87%
4 stars: 10%
3 stars: 2%
2 stars: 0.5%
1 star: 0.5%

All In One Security and Firewall is a well-received plugin that provides robust security features for WordPress sites. Users appreciate its comprehensive protection and ease of use, making it an excellent choice for website security.

What does All-In-One Security for WordPress do?

What does All-In-One Security for WordPress do?


Protect against brute-force attacks and keep bots at bay. AIOS takes WordPress’ default login security features to a whole new level.

Supports best practice

AIOS detects if an account has the default ‘admin’ username or if a user has identical login and display names, prompting the user to change this in support of better security practices.

Hide login page from bots

Configure a custom URL for the WordPress ‘Admin’ login page, making it harder for bots to find.

Change default WP database prefix to a value of your choice

Hackers use automated code to attack websites like yours. Make life harder for them and protect your site with this simple but effective AIOS security feature.

Login lockdown

External users making multiple login attempts can be locked out for a configured period of time. You can also lockout users with invalid usernames. See a list of all locked out users and unlock with one click.


AIOS provides a wealth of information about users of your WordPress website. View activity by username, IP address, login and logout dates and times. See a list of users currently logged in, and a list of all failed login attempts.

Force logouts

Ensure users don’t stay logged in indefinitely. With AIOS you can force logouts for all users after a configurable amount of time.

Robot verification

Add Google reCAPTCHA, plain maths CAPTCHA or a honeypot to registration pages to prevent spam registration or enable manual approval of user accounts instead.

Stops user enumeration

Prevent external users and bots from fetching user information via author permalink.

Simple two-factor authentication

Our unique role based feature allows site owners to turn off TFA for some user roles or make it compulsory for others. AIOS TFA supports Google Authenticator, Microsoft Authenticator, Authy and many more.

Password strength tool

Calculates how long it would take for your password to be cracked in the event of a brute force attack.

General visitor lockout

Put your site into “maintenance mode” and lock down the front-end to all visitors. This can be useful while doing back end tasks, like performing site upgrades or investigating security threats.

Frequently Asked Questions

Note: All the following questions and answers are taken from the support section of the  AIOS

Is All-In-One Security compatible with other plugins?

Yes. AIOS works smoothly with most popular WordPress plugins.

Is All-in-One-Security regularly updated?

Yes. WordPress Security is something that evolves over time. We update AIOS with new security features (and fixes if required) on a regular basis so you can be assured that your site will keep benefitting from new security protection techniques for as long as you need them.

Should I install All-In-One Security for free or should I purchase AIOS Premium?

The decision is yours to make. ‘Free’ AIOS incorporates a web application firewall, comprehensive login security tools including two-factor authentication and all the latest recommended WordPress security practices and techniques.
But if your WordPress site is a business website, if it showcases what you do, or who you are, we generally recommend AIOS Premium. Prices start from as little as $70 for the year.

What are the additional features of All-In-One Security Premium?

AIOS Premium scans your WordPress website for malware whilst aso monitoring your site’s response time and uptime, notifying you of any issues within 24 hours, AIOS Premium customers also benefit from hands-on ticketed support via email (rather than via WP Support forums).
Additional security tools include Country Blocking, Smart 404 Error Blocking and Advanced Two Factor Authentication.
More information is available from our All-In-One Security website

How do I get started with All-In-One Security Premium?

In the web shop, purchase your preferred subscription. After completing the purchase, you will be emailed a link to download the plugin. You can also access the link through your “My Account” page.
After downloading the zip file, install and activate the plugin through WP Admin->Plugins->Add New->Upload Plugin.
The premium extends the free version. Therefore you should keep the free version installed and active. You will also be prompted to enter your AIOS username and password to connect your site to licenses. This will allow the plugin to receive updates.

Do I need to have the free version before downloading Premium?

No, you do not need to have the free version of the plugin installed before installing Premium. The premium plugin will automatically deactivate the free version if it is installed on the site.

Does All-In-One Security work with multi-site network installations?

Yes, AIOS Premium is compatible with WordPress multisites. For multisite networks, the protection will apply to the network as a whole, and the dashboard and options will be available on the main site of the WordPress multisite.

Can a WordPress security plugin stop all attacks on my site?

There is no 100% guarantee that a security plugin will be able to protect against all attacks, as there is always the possibility of unknown WordPress vulnerabilities or other unexpected factors, and attackers are always seeking to develop new ways around protections. However, All-In-One Security gives good protection against known attack methods, and is under continuous development to monitor and improve protections.

Does All-In-One Security work on all servers and hosts?

AIOS should be compatible with most hosts, unless the host has specifically restricted the use of security plugins. Similarly, certain features may not work on some servers, especially Windows/IIS platforms. Features that use the ‘.htaccess’ file will not apply on a Windows IIS server or NGINX server (but development is ongoing to port those protections to all servers).

Can I cover my subdomains and test sites with a licence for AIOS Premium?

Development and test sites require their own licence if updates to the plugin are needed.
However, these sites can be disconnected from the licence when they have served their purpose. You can disconnect the licence via the site’s WP Admin->Plugins page, and it will be available to be reassigned to a different site.

Preview summary

This plugin is designed for WordPress administrators seeking a complete security solution, offering features like login protection, firewall settings, and database backup for an overall safer website.

In our hosting plan

We offer you all the benefits of the AIOS Premium Package, which contains:

Login Security Feature Suite
Firewall and File Protection Feature Suite
Content Protection Feature Suite
Malware Scanning
Automatic Malware Scanning
Response time monitoring
Up-time monitoring
Prevents blacklisting by search engines
Flexible assignment
Malware reports
Flexible Two-Factor Authentication
Authenticator apps
Role specific configuration
Require TFA after a set time period
Trusted devices - control how often TFA is required
Anti-bot protection
Customise TFA design layout
TFA Emergency Codes
TFA Multisite Compatibility
TFA Support for login forms
Smart 404 Blocking
Automatically and permanently blocks bots producing 404s
404 error charts
Country Blocking
Block traffic based on country of origin
Whitelist some users from blocked countries
Premium Support
Unlimited Support
Guaranteed response time

stay informed

The latest tech news, the WordPress world, tutorials, and helpful tips. Sent once ​a day. You can opt out at any time - we respect your privacy.

    Newsletters to keep you close

    Congratulations! You've just joined our knowledge community! We're excited to share insightful content with you. Remember, you can unsubscribe at any time if you wish. Welcome aboard!
    Unfortunately, your message couldn't be sent at this time. Please refresh the page or try again later. If the problem persists, please contact us directly.

    Third party logos and marks are registered trademarks of their respective owners. All rights reserved

    Don't Leave Just Yet!

    Subscribe To Our Weekly Newsletter!

    Subscribe to our weekly mailing list to stay updated on the latest in economics and the digital world, and get free links to download two comprehensive educational packs with video lessons on email marketing and SEO.

    Subscription Form for Popup