To activate grade report navigate to iThemes Security -> Settings and under the Global Settings module click Configure Settings. At the bottom of the page, change to "Yes" under Enable Grade Report and save the settings. After navigating to the Grade Report page from the iTheme Security dashboard, click the Grade Report item in the iThemes Security menu.
On the Grade Report screen, the first thing you’ll see you’ll is the overall security grade for your website.
iThemes Security takes several factors into consideration when issuing your security grade, including your software and security settings. In this case, the website got a C, which isn’t great. Since some security issues are more important than others, those issues are weighted to have a larger impact on your overall grade.
In the Summary section, you’ll see a graph indicating the best possible grade your website can achieve. This will help give you a better idea of which security issues are more pressing to resolve so you can get your best grade.
First up, iThemes Security checks the software installed on your website, including WordPress core, any themes or plugins, and even the PHP version running on your website’s server to make sure you’re running the latest versions. In the Software section, you’ll see a snapshot of this report.
Just click the Resolve Issues button in the upper right corner to see more details for your software and the individual grades for each item. From here, you can select the box next to each item or the “Select All Resolvable Issues” box to fix the issues.
In the Security Settings section, you’ll see a snapshot of the grade of your current settings. These settings include actions you can take from within the iThemes Security plugin dashboard to harden and secure your website.
Completing these recommended settings include things like enabling WordPress Two-Factor Authentication, WordPress malware scanning and enforcing strong passwords for users.
Again, you can use the Resolve Issues button to see more details on the individual settings, the grades for each, and then resolve the issues.
Once you’ve resolved the issues, you should see your overall security grade raise.
Recognized Backup Solutions
An important part of any site's security is to make sure you have a current backup. Grade Report will recognize if one of several third-party backup solutions are installed, and grade accordingly. It's worth noting that it doesn't actually have a way to tell if they're activated, configured and operating, only that they're installed. Here's the current list of supported solutions:
If the plugin you're using isn't supported, you can modify the code below with the plugin file that contains the header, and add it to your theme's functions.php file.
function itsec_grade_report_backup_solution($possible) {
$possible[] = 'plugin/main-file.php';
return $possible;
}
add_filter('itsec_possible_backup_plugins', 'itsec_grade_report_backup_solution’);
Disabling Grade Report by User
If you'd like, you can disable the Grade Report by user.
Completely Disable Grade Report
You can completely disable the Grade Report feature in your Global Settings.