Archives: Instructions
About Login Authentication and 2FA
Really Simple Security offers two login protection approaches. Two-Factor Authentication (2FA) requires a second verification step after entering your password, preventing unauthorized access even if your password is compromised. Method Pros Cons Email Easy setup, no additional apps needed Vulnerable if email account is compromised TOTP/Authenticator More secure, 2FA codes generated on separate device Requires app installation, risk of losing device access Passkey Login replaces passwords entirely with device-based authentication (fingerprint, facial recognition, or security key). Method Pros Cons Passkey
About File Permission Detection
All files and directories on your webserver have permissions which determine who can read, write, modify and access them. Files and directories should not have more permissions than they require; as unnecessarily elevated permissions might leave your site vulnerable to attack. Configuring appropriate permissions significantly reduces the risk of unauthorized access to your WordPress files and folders. Really Simple SSL Pro (since version 8.2.0) introduces the File Permission Detection feature, available under Settings -> SSL & Security -> “Settings” (top
About Region Restrictions
In some cases, you might want to restrict access to your site from certain regions. There are several reasons for doing so; such as complying with (privacy) regulations, or to ensure that content can only be viewed by a desired audience. And then there’s the security aspect to consider, as malicious actors often launch attacks from specific geographic regions. Blocking access from these regions helps to protect against targeted attacks originating from specific geographic areas. Really Simple SSL Pro (8.2)
About CAPTCHAs and Really Simple Security
Starting with Really Simple SSL Pro 8.1 it is possible to implement a CAPTCHA in your login form. In this article we explain how you can configure a Captcha on the default login form for your WordPress website. Navigate to Really Simple SSL -> Settings. Under General settings you will see the ‘Captcha’ block as shown below 2. Currently Really Simple SSL has integrated hCaptcha and reCaptcha v2, which you can select via the Captcha provider dropdown. hCaptcha is the more privacy-friendly
Disabling 2FA when you are locked-out
Really Simple Security has the option to enforce 2FA (Two-Factor Authentication) to protect accounts from unauthorized access when your password is stolen. If for some reason you are unable to receive the required 2FA codes you will be locked out of your website. For example: You lost access to your phone with the TOTP (Authenticator) app, or 2FA was required for your account and the Grace Period to configure 2FA has expired. To disable 2FA in Really Simple Security and