Because WordPress is the most popular CMS platforms on the Internet today, many hackers have consolidated their efforts toward only hacking or spamming WordPress websites. As a result, millions of WordPress blogs and websites are hacked each day, leading to lost work, irreparable damage to search engine ranks, and putting visitors and users in danger of having their own information hacked as well.
Below are five plug-ins that can be used to increase WordPress security for your blog. If you also want to check out anti-spam plugin, check out the post: Top 5 WordPress Plugins to Kill Spam
Sucuri is a paid service (and accompanying plugin) that works by installing a web application firewall which will protect your site from unauthorized access attempts and attacks. The system works with other data, allowing bad IP addresses to get blocked for all Sucuri users, even though only one client may have gotten attacked. This keeps the blocks IP list up to date. Sucuri also use is integrity monitoring, audit logs, and activity reporting. Pricing starts at $89.99 per year for one website and scales in price to cover additional websites as needed.
Limit Login Attempts
This free plug-in will allow you to limit the number of login attempts via the normal login or cookies. The plug-in can notify you by email of suspected malicious attempts and also allows the option for logging.
Many hackers and spammers work from a different side instead of attempting to log into your site maliciously. Many spammers offer free WordPress themes, which come loaded with malware or spam. This plug-in is also free and scans your theme templates for malware and inserts of spam. Once detected, it sends an alert in the admin bar and can send you an email notification after each daily scan. Besides themes, it also scans database tables.
BBQ: Block Bad Queries
Another spammer action is to send malicious URL requests to your website in an attempt to hack it. The BBQ plug-in is free and easy to use. It is based on the 5G/60 blacklists and blocks a wide range of malicious request. It also scans all incoming traffic to catch all requests.
This all-in-one security plugin was created after its developer was hacked in 2011. The free version features scan and repair capabilities for payment plug-in files and can also scan for malware and several well-known backdoors into WordPress website. It also includes the complete firewall, enable strong passwords, and track IP’s to their source. The premium version is $39 per month and includes all the free features, as well as others like cell phone signing, remote scans, and scheduled scans.