5 Plugins to Keep Your WordPress Blog Secure

Filed as Guides on October 31, 2013 5:52 pm

5 wordpress security plugins

Because WordPress is the most popular CMS platforms on the Internet today, many hackers have consolidated their efforts toward only hacking or spamming WordPress websites. As a result, millions of WordPress blogs and websites are hacked each day, leading to lost work, irreparable damage to search engine ranks, and putting visitors and users in danger of having their own information hacked as well.

Below are five plug-ins that can be used to increase WordPress security for your blog. If you also want to check out anti-spam plugin, check out the post: Top 5 WordPress Plugins to Kill Spam

Sucuri

Sucuri is a paid service (and accompanying plugin) that works by installing a web application firewall which will protect your site from unauthorized access attempts and attacks. The system works with other data, allowing bad IP addresses to get blocked for all Sucuri users, even though only one client may have gotten attacked. This keeps the blocks IP list up to date. Sucuri also use is integrity monitoring, audit logs, and activity reporting. Pricing starts at $89.99 per year for one website and scales in price to cover additional websites as needed.

Limit Login Attempts

This free plug-in will allow you to limit the number of login attempts via the normal login or cookies. The plug-in can notify you by email of suspected malicious attempts and also allows the option for logging.

AntiVirus

Many hackers and spammers work from a different side instead of attempting to log into your site maliciously. Many spammers offer free WordPress themes, which come loaded with malware or spam. This plug-in is also free and scans your theme templates for malware and inserts of spam. Once detected, it sends an alert in the admin bar and can send you an email notification after each daily scan. Besides themes, it also scans database tables.

BBQ: Block Bad Queries

Another spammer action is to send malicious URL requests to your website in an attempt to hack it. The BBQ plug-in is free and easy to use. It is based on the 5G/60 blacklists and blocks a wide range of malicious request. It also scans all incoming traffic to catch all requests.

WordFence

This all-in-one security plugin was created after its developer was hacked in 2011. The free version features scan and repair capabilities for payment plug-in files and can also scan for malware and several well-known backdoors into WordPress website. It also includes the complete firewall, enable strong passwords, and track IP’s to their source. The premium version is $39 per month and includes all the free features, as well as others like cell phone signing, remote scans, and scheduled scans.

Tags: , , ,

This post was written by

You can visit the for a short bio, more posts, and other information about the author.


Submissions & Subscriptions

Submit the post to Reddit, StumbleUpon, Digg or Del.icio.us.

Did you like it? Then subscribe to our RSS feed!



  1. By BadCat Design posted on November 1, 2013 at 10:52 am
    Want an avatar? Get a gravatar! • You can link to this comment

    Here’s another one with promise – BruteProtect http://bruteprotect.com
    (Not affiliated with them, though they did send me some stickers :)

    It uses an API key and even supports WordPress Multisite Networks.

    Reply

  2. By minhu76 posted on November 2, 2013 at 12:09 am
    Want an avatar? Get a gravatar! • You can link to this comment

    [url=http://vemaybay247.com.vn]ve may bay gia re[\url]

    Reply

  3. By hung posted on November 2, 2013 at 12:10 am
    Want an avatar? Get a gravatar! • You can link to this comment

    Keep Your WordPress Blog Secure help me a alot , tks
    http://vemaybay247.com.vn

    Reply

  4. By ve may bay gia re posted on November 2, 2013 at 12:11 am
    Want an avatar? Get a gravatar! • You can link to this comment

    Keep Your WordPress Blog Secure help me a alot , tks

    Reply

  5. By LaPointe Gary posted on November 2, 2013 at 3:28 pm
    Want an avatar? Get a gravatar! • You can link to this comment

    I don’t know if using plug-ins that haven’t been updated in 17 months and haven’t been tested since WP 3.3.2 is good from a security stand point. I like the idea of limit login attempts, but I’d feel more secure if the author was updating it more. Or at least updating the plugin page to say that they’ve tested it with more recent versions of WP…

    Reply

  6. By Swapan CS posted on November 2, 2013 at 5:58 pm
    Want an avatar? Get a gravatar! • You can link to this comment

    I at first installed wordFence in my blog, but got complex in settings and some error signals. However, may be it is a great one but I failed to set up. But your other plug ins are notable information to me to be used in future. Thanks to find the share of your useful write up.

    Reply

  7. By dreambox-sat posted on November 8, 2013 at 1:51 pm
    Want an avatar? Get a gravatar! • You can link to this comment

    Thanks a lot Kelsey Jones
    i appreciate it

    Reply

  8. By Wap android posted on February 4, 2014 at 11:33 pm
    Want an avatar? Get a gravatar! • You can link to this comment

    I at first installed wordFence in my blog, but got complex in settings and some error signals. However, may be it is a great one but I failed to set up. But your other plug ins are notable

    Reply

  9. By wpdil posted on February 10, 2014 at 10:02 am
    Want an avatar? Get a gravatar! • You can link to this comment

    Everyone know Security is an unsolve question. Then this plugin is must for every blogger.

    Reply

  10. By Madiha Durrani posted on March 4, 2014 at 12:30 pm
    Want an avatar? Get a gravatar! • You can link to this comment

    Really great post, just started follow your blog/site. Glad I did

    Reply

    Your words are your own, so be nice and helpful if you can. If this is the first time you're posting a comment, it might go into moderation. Don't worry, it's not lost, so there's no need to repost it! We accept clean XHTML in comments, but don't overdo it please.

    Current day month ye@r *