Hardening Posture Score Explained
What This Covers
This guide explains the Hardening Posture Score and how to interpret it.
The Hardening Posture Score reflects the level of protective measures applied to your site through SteelWP.
What the Hardening Posture Score Represents
The Hardening Posture Score measures how well your site is protected based on applied hardening controls.
It reflects:
- active protections
- coverage of available hardening options
- overall defensive posture
Unlike the Scan Risk Score, which identifies issues, this score represents what has been secured.
How to Interpret the Score
In general:
- A higher score indicates more protections are in place
- A lower score indicates opportunities to improve security
The score helps you understand how much of your site’s potential hardening has been applied.
What Influences the Score
The Hardening Posture Score is affected by:
- number of applied hardening controls
- importance of each control
- coverage across different security areas
Some protections contribute more than others based on their impact.
Scan vs Hardening: Key Difference
SteelWP separates risk detection from risk reduction.
- Scan Risk Score → What risks exist
- Hardening Posture Score → What protections are in place
Improving your security posture requires addressing both.
Why the Score Is Not Everything
The Hardening Posture Score is a guide, not a target.
For example:
- Not all hardening controls are appropriate for every site
- Some protections may conflict with functionality
- A “perfect” score is not always desirable
Focus on applying relevant and safe protections, not maximizing the score.
How to Improve Your Score
To improve your Hardening Posture Score:
- Review available hardening controls
- Apply relevant protections
- Test your site after each change
- Re-run scans to confirm impact
Improvements will be reflected after changes are applied.
When Not to Apply a Control
You may choose not to apply a control if:
- it conflicts with your site’s functionality
- it is not relevant to your environment
- the risk is already mitigated in another way
SteelWP is designed to support informed decisions, not enforce changes.
When the Score Does Not Change
If your score does not increase:
- confirm the control was applied successfully
- ensure the change is supported by your server
- review whether the control contributes to the score
Common Questions
Should I aim for a perfect score?
Not necessarily.
A high score is beneficial, but only when the applied protections are appropriate for your site.
Why is my score low?
Common reasons include:
- no hardening controls applied
- limited server capabilities
- skipped or unsupported protections
Can I ignore the score?
You should use it as a guide, but not as the sole measure of security.
Understanding your environment is more important than achieving a number.
Tips
- Apply protections gradually
- Prioritize high-impact controls
- Test after each change
- Use the score to track progress over time
What to Do Next
After reviewing your Hardening Posture Score:
- Review available hardening controls
- Apply relevant protections
- Re-test your site
- Continue improving your security posture