Cairo, Egypt – January 25th, 2025 – Linkers Technology, a leader in server security solutions, is thrilled to announce the release of WP AutoShield®, the newest module in the cPFence security suite. Designed for hosting providers and VPS owners using Enhance Control Panel, WP AutoShield simplifies the process of securing and managing WordPress sites at scale.

With a single command, hosting administrators can now automate advanced WordPress hardening, vulnerability scanning, and performance optimization across all WordPress installations on their servers. WP AutoShield introduces an enterprise-level approach to security, ensuring minimal manual intervention and maximum protection.

Key Features of WP AutoShield®:

  • Automatic Site Detection: WP AutoShield automatically scans and detects all WordPress installations on the server, updating the list daily to include new sites.
  • Vulnerability Scans with Reports:
    • Weekly vulnerability reports are provided in Excel format, listing security issues with detailed paths and ownership information.
    • Administrators can resolve vulnerabilities with a single command:
      cpfence --bulk-update-wordpress
    • The system verifies site functionality post-update and automatically resolves common issues like stuck .maintenance files.

  • Performance Optimization: Disable WordPress cron across all sites to improve server performance and resource utilization.
  • Admin Security Hardening: Block file editing in WordPress admin, enforce secure file permissions, and generate missing secure keys for all installations.
  • Automated Permissions Management: WP AutoShield applies best-practice permissions (644 for files, 755 for folders) and locks critical files (e.g., wp-config.php) to ensure security.
  • Daily Security Hardening: Protect core files such as wp-config.php, secure wp-includes, and block PHP execution in upload directories to guard against accidental misconfigurations.
  • XML-RPC Protection: Automatically disables XML-RPC across all sites, responding with a 403 Forbidden error to block abuse attempts.
  • Brute Force Defense: Implements login rate limits and blocks offending IPs, safeguarding wp-login.php.
  • Idle Session Management: Automatically logs out inactive admin users after 60 minutes, reducing the risk of unauthorized access in shared environments.
  • Captcha Integration: Adds math CAPTCHA to login, registration, and password recovery forms, enhancing protection against brute force attacks.
  • Admin Username Protection: Optionally renames insecure usernames (e.g., admin) to secure alternatives, providing email reports of the changes.
  • XSS and Risky Code Prevention: Disables iframes, embeds, and risky scripts server-wide, preventing XSS vulnerabilities in WordPress posts.


Why WP AutoShield Matters:

WordPress is the backbone of millions of websites, but it’s also a common target for cyberattacks. WP AutoShield addresses this challenge by automating robust security measures, reducing manual effort, and allowing hosting providers to scale their services securely.
For more details about WP AutoShield and the complete cPFence security suite, visit cPFence.app.