In your website’s Security Settings, you can manage certain aspects of your site’s security. This guide will explain each setting.
This feature is available on sites with the WordPress.com Creator and Entrepreneur plans, and the legacy Pro plan. For sites on the free, Starter, and Explorer plans, upgrade your plan to access this feature.
In this guide
To visit the Security Settings:
- Visit your site’s dashboard.
- Navigate to Jetpack → Settings.
- Select the “Security” tab.
Each setting found here is explained below.
While rare, a site may go offline if an unexpected error occurs, such as an unsuccessful plugin or theme update. In these cases, you can have Jetpack monitor your site and notify you if it becomes unresponsive. This is a great way to reduce downtime on your site.
Jetpack monitors login attempts on your site to identify and block malicious actors who may try to gain access with a technique called brute force login attacks. When an attacker fails to log into your site too many consecutive times, Jetpack temporarily blocks any further login attempts from their IP and may present a math problem to solve to get back in.
WordPress.com uses features from our own admin alongside the traditional WP-Admin dashboard. We enable “Allow users to log in to this site using WordPress.com accounts” by default to seamlessly bridge the WP-Admin and WordPress.com settings. This setting is referred to as Secure Sign On.
We recommend keeping this setting turned on, as disabling this option will result in some pages in the dashboard prompting you to log into WP-Admin manually. For more details, check out our Secure Sign On page.