WordPress is the most used blogging software around the world. Moreover it is not only used for blogging but also as a CMS in many information websites due to its wonderful customization features. But as spider-man’s uncle ‘Ben’ once said, with great power comes great responsibility, same way having a WordPress website is great but it can be unsafe and vulnerable to threats until it is protected neatly with a plug-in. Here are some plug-ins.
BulletProof Security
This plug-in does a fantastic job blocking threats. It helps to protect the WordPress site against XSS, RFI, CRLF, CSRF, Base64, Code Injection and SQL Injection hacking. It is based on simple phenomena. It monitors and protects the .htaccess file making it difficult, or let us just say impossible for any threat to penetrate the core files. This way it saves many files like wp-config, bb-config.php, php.ini, php5.ini, install.php and readme.html. The plug-in offers the feature of email alerts. You can select up to 5 emails and receive the notifications on them. It is ranked 4.8 stars.
Download plugin from WordPress Plugin Directory: Click here.
Wordfence Security
Wordfence can be called a one-time stop for Website security. It has an in built firewall and anti-virus scanner. This plug-in can detect malicious URLs and can verify and repair the core files of WordPress which include wp-config, php.ini, install.php, etc. which isn’t available there in any other plug-in. It gives the report in a systematic way showing the IP address and WHOIS details of the URLs, which can be of great help to track down the person creating the mess. One feature which I personally loved was Multi-Site. You can basically control all your WordPress blogs using one admin panel.
Download plugin from WordPress Plugin Directory: Click here.
6Scan Security
6Scan Security does a great job protecting the website from threats. It eliminates and blocks the threats such as – SQL Injection, XSS, CSRF, Directory traversal, Remote file inclusion(this threat is can be very troublesome), DoS attacks, etc. The Developers of the plug-ins even state to have included the protection against the OWASP Top 10 security vulnerabilities. A new feature of Web Application Firewall has been added in the plug-in to make it ultra-protective. The plug-in will be included with the feature of performing auto back-ups of the entire website’s data to avoid any further mishaps.
Download plugin from WordPress Plugin Directory: Click here.
WebsiteDefender WordPress Security
Like all other plug-ins this too takes the security of a WordPress site to the next level. The description of plug-in doesn’t state what exactly the plug-in protects the website from, however it says that it monitors all the security weaknesses that hackers might exploit and tells you the precautions and measurements to be taken for avoiding them. One unique feature which it offers is adding index.php inside each and every directory for avoiding information disclosure. My opinion would be installing this plug-in along with another major Security plug-in like BulletProof Security.
Download plugin from WordPress Plugin Directory: Click here.
Better WP security
Better WP security claims to be a plug-in which is a compilation of all the best security features of WordPress. The plug-in basically hides sensitive information about the WordPress site from the non-admin staff. After this, the plug-in also does a great job scanning for vulnerabilities and fixing them accordingly. A unique feature which it boasts is banning certain User Agents which are troublesome. This can be also used to block the web page access through certain mobile devices. Moreover the plug-in does a back-up of your WordPress blog for cases when things go really wrong.
Download plugin from WordPress Plugin Directory: Click here.
5 Best Security Plugins for WordPress