Security Scan

Security scan completed 2 hours ago. 1 high severity issue found.

Scan Summary

Grade: C

Scanned Website

alicesart.com

Last Scan

Today, 10:42 AM

Next Scheduled Scan

Tomorrow, 10:42 AM

Vulnerability Findings

High Severity

Admin page exposed with default username

Your site's admin page is publicly accessible at /wp-admin and we detected it's using a default admin username. This could be a brute-force target.

Recommendation: Change the admin username to a non-standard name and ensure you use a strong password or implement two-factor auth on admin login.

MALWAREBYTES.COM
Medium Severity

Server version disclosure

Your server is disclosing its software version (Apache 2.4.1) which is outdated.

Recommendation: Update to latest Apache or use a header to hide version.

Medium Severity

No SPF record found

No SPF record found for your domain – could allow email spoofing.

Recommendation: Add an SPF record to your DNS to specify allowed senders.

Low Severity

SSL Certificate

SSL Certificate uses SHA-256, which is fine (informational).

Security Grade

C

Your website has moderate security risks that should be addressed.

Issue Breakdown

High Severity 1
Medium Severity 2
Low Severity 1

Quick Actions

Fix Admin Page Security

To secure your WordPress admin page:

  1. Log in to your WordPress dashboard
  2. Go to Users → Add New
  3. Create a new administrator account with a unique username
  4. Log out and log back in with the new account
  5. Go to Users → All Users
  6. Delete the old "admin" account, assigning all content to your new account
  7. Install a security plugin like Wordfence or iThemes Security
  8. Enable two-factor authentication for admin accounts
WordPress Hardening Guide →