Understanding the WP 1 Click LockDown Dashboard

Accessing the Dashboard

After activation, navigate to Tools → WP 1 Click LockDown in your WordPress admin menu. On a Multisite network with an Agency plan, the network-wide dashboard is at Network Admin → WP 1 Click LockDown.

The Hero Bar

At the top of the page you will find the hero bar, showing the plugin name, a brief description, your current plan, and the "Apply 1-Click Preset" button. Your current plan tier is displayed as a chip on the right side.

Security Controls (Main Panel)

The left column contains three collapsible sections:

• Comments & Spam — controls for disabling comments, requiring moderation, managing spam keyword lists, disabling pingbacks, and closing old post comments.
• Login URL Masking & Brute-Force Protection — set your custom login slug, redirect URL for blocked visitors, failed attempt limits, lockout duration, and email alerts.
• Hardening — toggles for XML-RPC, file editor, WP version hiding, author enumeration blocking, and REST user endpoint blocking.

HTTP Security Headers (Pro+ Section)

Below the hardening section, Single Site plan users and above see the HTTP Security Headers section. Enable it and choose which headers to send: X-Frame-Options, X-Content-Type-Options, X-XSS-Protection, Referrer-Policy, Permissions-Policy, and HSTS.

Security Report Sidebar

The right column shows a live snapshot of your current security posture — every setting and its current value. Starter plan users and above can click Export CSV Report to download a formatted spreadsheet, ideal for sharing with clients.

2FA Recommendations Card

The lower right card lists recommended two-factor authentication plugins. WP 1 Click LockDown hardens the site itself but does not provide 2FA — pairing it with a dedicated 2FA plugin covers your admin accounts.