Rogue admin protection for WordPress

Data breaches and attacks on websites are routine, so a comprehensive security strategy is a must, and it is not enough to focus on one aspect of your website’s security. You need strong passwords, up-to-date plugins, correctly configured security headers, and settings that default to the secure option. Even with all of that in place, there is no guarantee that your site won’t be compromised.

This is why you need “Security in Depth” (more commonly called defense in depth). This multi-layered approach starts from the assumption that no single security measure is infallible, and aims to create overlapping layers of defense that together protect against a wide range of threats. The concept is borrowed from physical security, where a property is protected by several barriers at once: gates, fences, surveillance cameras, and guards. Likewise, for your WordPress website, security in depth means layering diverse security measures, consisting of preventive, detective, and corrective measures.

Preventive Measures are the First Layer of Defense

Preventive measures are the first layer of defense and are designed to block unauthorized access. These measures include strong passwords, multi-factor authentication (MFA), hardening settings, and regular security updates. The second layer of defense consists of detective measures.

Detective and Corrective Measures

Detective measures focus on timely detection of, and response to, intrusions or anomalies. This involves monitoring and alerting on unauthorized access attempts, and detecting known vulnerabilities in your plugins and themes. Corrective measures are the third layer of protection. These measures deal with limiting the impact of a successful attack. In the event of a breach, having backup and recovery plans in place can significantly reduce downtime and data loss. Some corrective measures can even automatically block an attack in progress and prevent further damage to your website.

Introducing “Rogue Admin Protection” for WordPress

Really Simple SSL is introducing a new security feature that combines detective and corrective measures to protect against the creation of “rogue” admin accounts.

In many cases, when a WordPress site gets hacked, the attackers use a vulnerability to create a new account with administrator privileges. They then use that account to compromise the website further and to keep their access even after the original vulnerability is patched.

With Really Simple SSL Pro’s “Rogue admin protection,” any attempt to assign the administrator role to a user other than through the regular user profile interface results in that user being demoted to the subscriber role immediately, and an e-mail notification being sent to the site administrator.

This way, the attacker’s attempt to gain persistent administrator access will most likely fail, and you are notified of the attempt so you can find and fix the vulnerability that made it possible.
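To make the detect-and-demote mechanism described above concrete, here is an added example in the form of a small must-use plugin. It is illustrative code written for this article, not Really Simple SSL’s implementation, and it assumes two things: that a legitimate role change arrives through WordPress core’s own user screens, which it recognises by the nonces those forms submit (`create-user` on wp-admin/user-new.php and `update-user_{ID}` on user-edit.php/profile.php), and that role changes made through WP-CLI are deliberate and should be allowed. The plugin name and function prefix `rag_` are hypothetical.

```php
<?php
/**
 * Plugin Name: Rogue Admin Guard (illustrative example)
 * Description: Demotes any user granted the administrator role outside the
 *              wp-admin user screens and e-mails the site admin.
 *
 * Drop this file into wp-content/mu-plugins/ so it loads before other plugins.
 * Example code for illustration only; not Really Simple SSL's own code.
 */

/**
 * True when the current request is one of core's own user-management forms.
 * Assumption: the nonce action names below match those used by
 * wp-admin/user-new.php ('create-user') and user-edit.php ('update-user_<ID>').
 */
function rag_is_core_user_screen_request( int $user_id ): bool {
	if ( ! is_admin() ) {
		return false;
	}
	$create = isset( $_POST['_wpnonce_create-user'] )
		&& wp_verify_nonce( sanitize_text_field( wp_unslash( $_POST['_wpnonce_create-user'] ) ), 'create-user' );
	$update = isset( $_POST['_wpnonce'] )
		&& wp_verify_nonce( sanitize_text_field( wp_unslash( $_POST['_wpnonce'] ) ), 'update-user_' . $user_id );
	return $create || $update;
}

/**
 * Fired by WordPress whenever a role is set on or added to a user.
 * Detective part: recognise an administrator grant from an unexpected path.
 * Corrective part: strip the role immediately and notify the site admin.
 */
function rag_on_role_change( int $user_id, string $role ): void {
	static $handling = false; // re-entry guard: set_role() below fires this hook again
	if ( $handling || 'administrator' !== $role ) {
		return;
	}
	// Legitimate paths: core user screens, and WP-CLI (assumption: operators use it deliberately).
	if ( rag_is_core_user_screen_request( $user_id ) || ( defined( 'WP_CLI' ) && WP_CLI ) ) {
		return;
	}

	$handling = true;
	$user = get_userdata( $user_id );
	if ( $user ) {
		$user->set_role( 'subscriber' ); // demote to the least-privileged default role

		$actor = wp_get_current_user();
		wp_mail(
			get_option( 'admin_email' ),
			sprintf( '[%s] Rogue administrator account blocked', wp_specialchars_decode( get_option( 'blogname' ) ) ),
			sprintf(
				"User #%d (%s) was granted the administrator role outside the user profile screens "
				. "and has been demoted to subscriber.\nRequest: %s %s\nActing user: %s\nClient IP: %s\n",
				$user_id,
				$user->user_login,
				$_SERVER['REQUEST_METHOD'] ?? '-',
				$_SERVER['REQUEST_URI'] ?? '-',
				$actor->exists() ? $actor->user_login : 'none (unauthenticated)',
				$_SERVER['REMOTE_ADDR'] ?? '-'
			)
		);
	}
	$handling = false;
}

// 'set_user_role' fires from WP_User::set_role() (also used by wp_insert_user());
// 'add_user_role' fires from WP_User::add_role(). Both pass ($user_id, $role) first.
add_action( 'set_user_role', 'rag_on_role_change', 10, 2 );
add_action( 'add_user_role', 'rag_on_role_change', 10, 2 );
```

Two caveats a practitioner should keep in mind when using this approach. First, any plugin or script that legitimately grants the administrator role programmatically (a migration script, a membership plugin’s signup flow) will trip it, so such paths have to be allowlisted deliberately rather than by loosening the check. Second, it only sees role changes that go through the WordPress user API; an attacker who can write directly to the `wp_capabilities` row in the usermeta table, for example through SQL injection, never fires these hooks, which is exactly why this is one layer among several rather than a replacement for patching.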

To protect your website against the creation of rogue admins, enable the “Restrict creation of administrators” setting under Advanced Hardening in Really Simple SSL Pro.