Imagine you have a security/firewall plugin on your WordPress site, and somehow, even then, somebody gains access to the site through a security breach on an old plugin (for example), couldn’t that hacker just turn off the security plugin and make it even easier?
Yes, they could.
Also, consider the scenario that you’re managing the site for someone else who doesn’t quite understand the workings of the plugins and they accidentally turn off the security plugin without your knowing.
As of version 1.8 of the WordPress Simple Firewall, we offer you the unique option to lock-up your WordPress security away from people who shouldn’t ever be playing with it in the first place.
A security plugin that secures itself – The WordPress Simple Firewall
The self-security feature of the WordPress Simple Firewall is quite simple.
You supply an Admin Access Key when you activate the feature.
Then, every time you want to access the WordPress Simple Firewall options, you’ll be presented with a screen to enter this access key.
If you supply the correct access key, you’ll be able to proceed. If you don’t, you wont.
After you enter the access key, you’ll automatically be granted 30 minutes of access to the plugin. This will automatically expire and then you’ll need to enter your access key again.
You can, if you want, change the length of time you have access per session. This is entirely up to you.
What if you forget the Admin Access Key?
Simple, you can turn off the whole firewall using the files system based override.
We believe all WordPress security plugins should themselves be protected by some measure or another.
There are more ways in which we will add self-protection to this plugin, but this is a good start.