FortressX Security – Firewall, Security Scan & Hardening
Security dashboard
FortressX Security helps protect WordPress websites with practical security tools designed for site owners, freelancers, agencies and WooCommerce stores.
The plugin focuses on the security tasks that matter most in day-to-day WordPress administration: login protection, request filtering, file integrity monitoring, security hardening, security reporting and clear visibility into the security status of your website.
FortressX is designed to be easy to understand and manage without overwhelming users with unnecessary complexity.
Key Features
- Login protection and brute-force mitigation
- Firewall and request protection tools
- XML-RPC protection
- REST API user enumeration protection
- Security hardening recommendations
- File integrity monitoring
- Malware and security scanning tools
- Security reports and status overview
- Security event monitoring
- Cloudflare integration tools
- Maintenance and cleanup utilities
- Modern and easy-to-use administration interface
Who Is FortressX For?
FortressX Security is suitable for:
- Website owners
- Freelancers
- Agencies
- WooCommerce stores
- Business websites
- Managed WordPress environments
Whether you manage a single website or multiple client projects, FortressX provides a practical set of security tools to help monitor and improve the security posture of your WordPress installation.
Optional Pro Add-on
A separate commercial add-on may be available outside WordPress.org.
The free WordPress.org version remains fully functional and does not require a license key to use any of its included features.
The optional Pro add-on may provide additional security intelligence, monitoring capabilities, agency-oriented tools and other premium services.
Data Handling and Privacy
FortressX Security performs security-related checks within the local WordPress installation.
The plugin stores security settings, scan results, monitoring information, logs and security-related status data locally to provide security insights, reporting and administrative actions.
FortressX does not intentionally transmit WordPress user passwords, private content, customer order data or complete website files to external services.
External Services
Some optional features can connect to external services when enabled or configured by the site administrator.
FortressX Intelligence Feed
Purpose:
Provides signed security intelligence updates and security-related rule data.
Data transmitted:
- Site URL or domain
- Plugin version
- Technical environment information required for compatibility and update delivery
Used only when the related intelligence functionality is enabled.
Privacy Policy:
https://fortressx-security.com/privacy/
AbuseIPDB
Purpose:
Optional IP reputation checks for security and login protection features.
Data transmitted:
- IP address being checked
- AbuseIPDB API credentials configured by the administrator
Used only when enabled and configured by the administrator.
Terms:
https://www.abuseipdb.com/legal
Privacy Policy:
https://www.abuseipdb.com/privacy
Cloudflare API
Purpose:
Optional Cloudflare-related security and cache management actions.
Data transmitted:
- Cloudflare account information configured by the administrator
- Data required to perform the selected Cloudflare action
Used only when enabled and configured by the administrator.
Terms:
https://www.cloudflare.com/website-terms/
Privacy Policy:
https://www.cloudflare.com/privacypolicy/
Background Tasks
FortressX Security may use WordPress scheduled tasks (WP-Cron) for security-related maintenance, monitoring and update operations.
These tasks are designed to run only when required by the enabled functionality.