Website security is one of those topics that is always relevant. Just when a solution or fix is created for some virus or other hacker threat, a new one comes along to start the cycle of pain all over again.
With WordPress being such a popular content platform, and consequently a big target for hackers, security plug-ins are essential for your installation. Here’s an overview of some of the more popular ones.
There’s a lot of nasty threats out there; get some security!
This plug-in, a relative newcomer to the security plug-in party, compares the plug-in, themes, and WordPress core files of your installation with the official WordPress versions, and informs you of any discrepancies via e-mail. In addition, Wordfence scans your site for viruses, malware, and phishing.
WP Security Scan
WP Security Scan runs checks on your folder and file permissions to make sure everything is locked and sealed tight.
WP Login Security 2
If you want some tight security, it doesn’t get better than this. WP Login Security 2 sends a verification e-mail to the user’s e-mail address on record if he’s attempting to log on from an unknown IP address. If the user can’t validate that address, entry is denied.
WordPress File Monitor Plus
Even on the off-chance that someone manages to gain unauthorized access, it would still be good to know if any files were changed. This plug-in watches for files that get added to, changed, or removed outright, and lets you know by e-mail.
Have you ever had the misfortune of incorrectly typing a password to one of your online credit card or banking sites? Ever do it multiple times? Odds are, if you have, you end up getting logged out for a period of time. Wouldn’t it be nice to do that to some miscreant who’s trying to hack your WordPress site? Well, here it is. Now it’s your turn to mete out the punishment!
This plug-in functions on the same system as Login Lockdown, but its reputation is positively sterling. It keeps your installation safe from brute force and dictionary attacks.
This colorfully-named plug-in deals with those dreaded bottom-feeders: spammers! This PHP-based solution not only blocks spam, it can also prevent spammers from reading your site in the first place!
This plug-in backs up your WordPress files and database. Backups are essential to keep you safe from hackers, malware, and viruses, sure, but also from other threats such as server failure or WordPress upgrades.
Security plug-ins aren’t just for combating sleaze hackers and spambots. With this plug-in, you automatically get an e-mail when there’s been an update to your core WordPress files, themes, or, yes, your plug-ins. By staying on top of updates, you reduce the headaches that come from getting caught too late by the latest online threat.
Block Bad Queries
Otherwise known as BBQ (mmm…barbecue…), this plug-in protects your site from malicious URL requests. It checks incoming traffic and blocks requests from excessively long request strings and other red flags.
This is just a small number of useful WordPress security plug-ins available out there. Just remember that there’s no such thing as having too much security for your site.