4 Top Security Plugins for WordPress Sites

Word Count: 636
Total View: 211

Being vigilant is an important step in security. You cannot expect what you do not inspect. That is, you cannot expect things to be working, if you do not check in on them periodically. Some plugins help with security maintenance and configuration on your WordPress installation. Just like antivirus and malware detection on workstations, these tools are here to assist in strengthening your security posture.

Security Plugins for WordPress

1.) WP-Security Scan

WP-Security Scan by Michael Torbert, provides an overall security scan of your WordPress installation. It checks many of the items listed previously, including WordPress version, table prefix, and absence of the admin account. It also includes a file system scanner to verify that the permissions are set to the recommended settings. WP-Security Scan provides a nice mechanism to make sure the base settings are in line with a good security posture. We look forward to Torbert adding new features in future releases.

You can find more information on WP-Security Scan at https://wordpress.org/extend/plugins/wp-security-scan/.

2.) WordPress Exploit Scanner

WP-Exploit Scanner is another plugin by Donncha O Caoimh. The Exploit Scanner scans your files, posts, and comments for suspicious information. Basically, this is a forensics tool for you to use to make sure your site has not been compromised. This plugin does not remove anything but it creates a list of suspicious content for you to review. The challenge here is that even with the filtered list, you have to have some idea what you are looking for. Running this plugin may result in false positives related to JavaScript from plugins and the WordPress core files.

You can find more information about the WordPress Exploit Scanner at https://wordpress.org/extend/plugins/exploit-scanner/.

3.) WordPress File Monitor

The WordPress File Monitor plugin by Matt Walters, looks for files in your WordPress installation that have been added, changed, or deleted. The plugin can be configured to send an e-mail should any file system activity occur. In addition, this plugin can be set to exclude certain directories, such as the uploads folder or file-based cache folders.

If file system changes are made, this plugin sets a warning in your WordPress Dashboard and also sends you an e-mail to alert you of the changes. This can be very handy in the event that something bad happens but will also trigger false alarms when you are performing updates. It is assumed that you know when you are doing updates and therefore can weed these out.

You can find more information about WordPress File Monitor at https://wordpress.org/plugins/wordpress-file-monitor/. This plugin has not been updated in a while, but we continue to use it on our non-Multisite sites.

4.) WordFence Security

WordFence Security by Mark Maunder is a comprehensive security plugin. This plugin checks your installed core files against the current revision in the WordPress repository. It checks both your core WordPress files as well as plugin files. Whereas the WordPress File Monitor is looking for new files added to your site root, potentially dropped in by bad guys, WordFence Security is evaluating your core and plugin files for changes or variations from the source code.

WordFence also scans your actual content for malware and phishing signatures and it has many other security features covering a large spectrum of potential threats or attack vectors.

One of the more interesting features of WordFence is the live traffic information that ties into a software-level firewall. Using the live traffic and firewall features, you can block specific IP addresses or countries from accessing your site. This can help when an attacker is attempting to compromise your site. Furthermore, you can configure WordFence to automatically block or throttle access for IP addresses when usage from those traffic sources exceeds limits that you set.

You can find more information about WordFence Security at https://wordpress.org/plugins/wordfence/.

One Response

  1. Lily Nicolas January 25, 2015
Games Security
eCommerce
The Million-Dollar Question of eCommerce: How to Get Repeat Business?
Telephone System
Office Telephone System: How to Choose the Right One for Small Enterprise
Internet Marketing
Top-Most Internet Marketing Strategies on the Go
External Giveaway Freebie TechnoGiants Giveaway
MacXDVD
Freebie: MacXDVD Gives Away 10K Free Copies of MacX Video Converter
Flipbook
Giveaway #40: FlipHTML5 Flipbook 3-months Platinum Plan Subscription
iCare Data Recovery Pro
Giveaway #39: iCare Data Recovery Pro Free Download with License Key
Android iPhone
Travel App
5 Apps You Need to Pack for Your Next Vacation
Android Phone
5 Tricks to Speed Up Your Slow Android Phone
Money Online
Great Ways to Earn Money Online With Your Smart Phone
Adsense
On Page Optimization
Understand the effectiveness and important of On Page Optimization
Search Engine
Why Content Marketing is the New Key to Good SEO
Outsource SEO
5 tips that will help you with SEO Outsourcing
MAC Software
Hiring Software
How to Get the Most Out of Your Hiring Software?
DVD Copy
How do you copy DVD with DVDFab DVD Copy Software?
Able2Extract Professional 11
6 Time-Saving Tricks: Featuring Able2Extract Professional 11
Blogging Social Media
Time Management
8 Time Management Strategies for Fellow Bloggers
WordPress
7 Pros and Cons of WordPress for Blogging!
eCommerce
How to Set Up an eCommerce Store Using WordPress in 7 Steps
Email Marketing
Infographic: The Giant Email Marketing Statistics Guide
Ecommerce
Infographic: How to Create Your Ecommerce Store With Magento
Ways to Backup iPhone
Infographic: Ways to Backup iPhone – Avoid iPhone Data Loss
Debit cards
The Rise in use of Credit/Debit cards in India after Demonetization