Because hackers are now everywhere and it pays to be cautious as well as protected and prepared.
I am reading in forums about so many people where their sites are being hacked, so don’t wait till your site is hacked but start protecting your site right now.
Here are some of the best WordPress Security Plugins and tips that can help you in securing your own personal space, which is your site. You would not want anyone destroying it, right?
1. Secure WordPress.
This is a very useful plugin because it does a lot for your wordpress blog. It removes error-information on login-page, hides your wp-version in backend-dashboard and much more.
Download Link: http://wordpress.org/extend/plugins/secure-wordpress/
2. WP Security Scan
This plugin will scan your entire WordPress installation and will suggest improvements regarding security vulnerabilities like passwords, database security, file permissions, admin security.
Download Link: http://wordpress.org/extend/plugins/wp-security-scan/
3. Login Lockdown
It takes note of the IP address and timestamp of every failed WordPress login attempt. If more than a certain number of attempts are detected within a short period of time from the same IP range, then the login function is disabled for all requests from that range. This helps to prevent brute force password discovery. Currently the plugin defaults to a 1 hour lock out of an IP block after 3 failed login attempts within 5 minutes. This can be modified via the Options panel. Administrators can release locked out IP ranges manually from the panel.
Download Link: http://www.bad-neighborhood.com/login-lockdown.html
4. AskApache Password Protect
From the name itself, it is a plug-in that protects your wordpress blog password. It protects everything from your wp-admin directory to your wp-content, plug-in and much more. You can always edit it right from your own WordPress Admin Panel.
This is one of the plugin that is most widely used to optimize database, repair database, backup database, restore database, delete backup database, drop/empty tables and run selected queries. WP-DBManager also supports automatic scheduling of backing up and optimizing of database.
Download Link: http://wordpress.org/extend/plugins/wp-dbmanager/
An extremely powerful anti-spam plugin for WordPress that eliminates comment spam, including trackback and pingback spam. It works invisibly without CAPTCHA’s, or other inconvenience to site visitors. The plugin includes spam-free contact form feature as well. Finally, you can enjoy a spam-free WordPress blog!
I recently installed this plugin and I hardly get any spam nowadays
Download Link: http://www.hybrid6.com/webgeek/plugins/wp-spamfree
7. Angsuman’s WordPress Guard Plugin
Angsuman’s WordPress Guard Plugin is a WordPress security plugin that protects the vulnerable areas of your blog from outside access with an additional layer of security.
Make sure you create a password that is made up of lowercase, UPPERCASE and symbols. If you have kept the password that was generated for you when you installed WordPress, CHANGE IT NOW. There have been many cases where hackers have gained access to sites via the passwords which are generated by the hosting company.
Change your Administrator username from “Admin” to something else. Most hackers realize that for 99% of blogs, the username is ‘admin’. Make it harder for them and change it.
10. WordPress Versions
Keep your WordPress version up to date. Especially when WordPress issue a minor upgrade from within a version. For instance, if you are on version 2.8.4 always upgrade to WordPress 2.8.5 and 2.8.6.
When WordPress 2.9 came out recently, I didn’t upgrade as it was a major upgrade i.e. 2.8 to 2.9. I always wait until WordPress issue the minor upgrade i.e. 2.9.1 to the major upgrade. There could be security and other problems within the major version. I am now on version 2.9.1.
Remember to backup your blog before upgrading.
11. Plugin Versions
Keep your plugins up to date. Often plugins are updated due to security reasons. But before you upgrade, ensure the latest version is compatible with the version of WordPress you are using?
It is very important to keep your blog secure. Thirty minutes work now can stop you having to experience many hours of frustration of recovering from a hacked blog.
What experiences have you had with these plugins and are there other security tips you’d recommend. Share your views in the comments below.