If you have using WordPress as your CMS (content management system), you should consider installing WordPress security plugin first to protect WordPress. These WordPress security plugins below not just help you to secure your website, but it also restricts the unauthorized access to your website at the same time.
So, today we will check out some of the best existing security plugins for word press users.
Best WordPress Security Plugin list:
Login LockDown – WordPress Security Login Plugin
WordPress security login plugin that against any WordPress hacker that cracking your login password and credential using brute force attack. This WordPress security login plugin will records the IP address and time stamp of every failed WordPress login attempt. Once reach until a certain number of failed attempts, it will disable the login function for all requests from that range ip address.
Secure WordPress
Secure WordPress is a WordPress security plugin that beefs up the security of your WordPress installation by removing error information on login pages, adds index.html to plugin directories, hides the WordPress version, really simple discovery, windows live writer and much more. Plus more, Secure WordPress can blocks any bad queries that could be harmful to your WordPress website.
WordPress Force SSL
A WordPress security that force the user browser to connect to your site via a SSL connection. with this WordPress SSL plugin, it eliminates any third party attacks between the WordPress admin connection and all the data that is transmitted to and from the site will be encrypted for better security. For example the site will appear as (https://www.techmixer.com) rather than (http://www.techmixer.com).
AntiVirus – WordPress AntiVirus Plugin
AntiVirus for WordPress security plugin is a smart and effective solution to protect your blog against exploits and spam injections. After installing this wordpress antivirus plugin, you won’t have to bother about the data corruption anymore.
WordPress Antivirus Feature:
- WordPress 3.x ready: Design as well as technical
- Detect the current WordPress permalink back door
- Quick & Dirty: activate, check, done!
- Manual testing with immediate result of the infected files
- Daily automatic check with email notification
- White list: Mark the suspicion as “No virus”
- Clean up after un-install the plugin
WordPress Login Encrypt
Login Encrypt is a wordpress security plugin uses a complex DES and RSA combination to secure wordpress login.
WordPress Login Encrypt Feature:
- A JavaScript appended to the wp-login (WordPress login page) generates, each time a user logs in, a unique DES key.
- The password of the user is encrypted.
- The JavaScript encrypts the DES unique key using the RSA public key (generated when the plugin is activated).
- The encrypted password and the encrypted DES unique key are sended to the server.
- A hook when login in checks if a encrypted DES unique key is received. If does, decrypts it using the secure RSA private key.
- Then, decrypts the password using the DES unique key.
BulletProof Security
BulletProof Security protects your website from XSS, CSRF, Base64 and SQL Injection hacking attempts. BulletProof Security protects both your Root website folder and wp-admin folder with .htaccess website security protection, as well as providing additional website security protection.
WordPress Bullet Proof Security Feature:
• Designed to be a fast, simple and one click security plugin to add .htaccess website security protection for your WordPress website.
• Secure .htaccess protection blocks XSS, CSRF, Base64_encode and SQL Injection hacking attempts
• Permanent online backup and restore
• Built-in File Editing, File Downloading and File Uploading
• WordPress readme.html and /wp-admin/install.php protected with .htaccess security protection
• wp-config.php and bb-config.php files protected with .htaccess security protection
• php.ini and php5.ini files protected with .htaccess security protection
• WordPress database errors turned off – Verification and function insurance
Acunetix WP Security
Acunetix WP Security also formerly as “WP Security Scan”. With this WordPress security plugin, you can scanning your WordPress-powered site will be a simple task. It will finds the wordpress vulnerabilities in your site and suggests useful corrective wordpress security tips on removing or correct them such as securing file permissions, database security, wordpress version hiding, WordPress admin protection and lots more.
Bad Behavior – WordPress SPAM Filtering Plugin
Bad Behavior is the wordpress security plugin which helps you fight with those annoying spammers. The plugin will not only help you prevent spam messages on your blog, but also will try to limit access to your blog, so they won’t be able even to read it.
Sucuri Security – Comprehensive WordPress Security Plugin
Sucuri is a well-known on-line site check malware scanner to protect WordPress from security threats, including malware, spam, unauthorised htaccess, Security Activity Auditing, File Integrity Monitoring, Remote Malware Scanning, Blacklist Monitoring, Effective Security Hardening, Post-Hack Security Actions and Security Notifications and a whole lot more.
From plugin dashboard, you can run a site scan and see which problems, if any, your site is afflicted with. Through the nicely designed interface you can easily tighten up security on your site in a number of ways, all by simply clicking on a few buttons.
Meanwhile, Sucuri Security Malware Scanner also incorporates various seurity blacklist engines such as Sucuri Labs, Google Safe Browsing, Norton, AVG, Phish Tank, ESET, McAfee Site Advisor, Yandex, SpamHaus and Bitdefender
Overall Sucuri is a worth to try out WordPress security plugins that gives you a lots WordPress security functionalities.
Besides that, here is other wordpress security post series that improve your wordpress security:
- WordPress Security for free
- Hardening WordPress
- WordPress Security Whitepaper
Share with us if you know other wordpress security plugin should included on the list.