4 Top Security Plugins for WordPress Sites

Being vigilant is an important step in security. You cannot expect what you do not inspect. That is, you cannot expect things to be working, if you do not check in on them periodically. Some plugins help with security maintenance and configuration on your WordPress installation. Just like antivirus and malware detection on workstations, these tools are here to assist in strengthening your security posture.

Security Plugins for WordPress

1.) WP-Security Scan

WP-Security Scan by Michael Torbert, provides an overall security scan of your WordPress installation. It checks many of the items listed previously, including WordPress version, table prefix, and absence of the admin account. It also includes a file system scanner to verify that the permissions are set to the recommended settings. WP-Security Scan provides a nice mechanism to make sure the base settings are in line with a good security posture. We look forward to Torbert adding new features in future releases.

You can find more information on WP-Security Scan at https://wordpress.org/extend/plugins/wp-security-scan/.

2.) WordPress Exploit Scanner

WP-Exploit Scanner is another plugin by Donncha O Caoimh. The Exploit Scanner scans your files, posts, and comments for suspicious information. Basically, this is a forensics tool for you to use to make sure your site has not been compromised. This plugin does not remove anything but it creates a list of suspicious content for you to review. The challenge here is that even with the filtered list, you have to have some idea what you are looking for. Running this plugin may result in false positives related to JavaScript from plugins and the WordPress core files.

You can find more information about the WordPress Exploit Scanner at https://wordpress.org/extend/plugins/exploit-scanner/.

3.) WordPress File Monitor

The WordPress File Monitor plugin by Matt Walters, looks for files in your WordPress installation that have been added, changed, or deleted. The plugin can be configured to send an e-mail should any file system activity occur. In addition, this plugin can be set to exclude certain directories, such as the uploads folder or file-based cache folders.

If file system changes are made, this plugin sets a warning in your WordPress Dashboard and also sends you an e-mail to alert you of the changes. This can be very handy in the event that something bad happens but will also trigger false alarms when you are performing updates. It is assumed that you know when you are doing updates and therefore can weed these out.

You can find more information about WordPress File Monitor at https://wordpress.org/plugins/wordpress-file-monitor/. This plugin has not been updated in a while, but we continue to use it on our non-Multisite sites.

4.) WordFence Security

WordFence Security by Mark Maunder is a comprehensive security plugin. This plugin checks your installed core files against the current revision in the WordPress repository. It checks both your core WordPress files as well as plugin files. Whereas the WordPress File Monitor is looking for new files added to your site root, potentially dropped in by bad guys, WordFence Security is evaluating your core and plugin files for changes or variations from the source code.

WordFence also scans your actual content for malware and phishing signatures and it has many other security features covering a large spectrum of potential threats or attack vectors.

One of the more interesting features of WordFence is the live traffic information that ties into a software-level firewall. Using the live traffic and firewall features, you can block specific IP addresses or countries from accessing your site. This can help when an attacker is attempting to compromise your site. Furthermore, you can configure WordFence to automatically block or throttle access for IP addresses when usage from those traffic sources exceeds limits that you set.

You can find more information about WordFence Security at https://wordpress.org/plugins/wordfence/.

One Response

  1. Lily Nicolas January 25, 2015
Games Security
Cyber
6 Dangerous Myths About Cyber Security You Need To Stop Believing Today
Documentation
The Evolution of Documentation Methods and Tools
Email Marketing
17 Email Marketing Tips to growth hack Your Ecommerce sales and conversion
External Giveaway Freebie TechnoGiants Giveaway
Focusky Pro
Giveaway #41: Focusky Pro 3-months Plan Subscription
MacXDVD
Freebie: MacXDVD Gives Away 10K Free Copies of MacX Video Converter
Flipbook
Giveaway #40: FlipHTML5 Flipbook 3-months Platinum Plan Subscription
Android iPhone
Finger Print
What Are the Advantages of Fingerprint Locks in Mobiles?
Lock your Android
How to Get Your Android Device Protected from Spyware?
iOS 11
8 Really Unknown Features of iOS 11 Entering in your iPhone
Adsense
Backlinks
How to Build SEO Backlinks: A Beginner’s Guide?
Progressive Web Apps
Turn Your Website into an Application: Progressive Web Apps & SEO
Management
6 Ways Project Nucleus Will Change SEO Management Forever
MAC Software
Microsoft Outlook
How to Open Oversized PST File of Microsoft Outlook in Windows
Windows Data Recovery
Lost Data Recovery with Stellar Phoenix Windows Data Recovery – Home (verified)
Technology
How Technology Has Changed the Way of Shopping
Blogging Social Media
Write
Blogging Ideas For When You’re Stuck, Tired And Can’t Write A Thing
Twitter Marketing
Twitter Marketing Tips for 2017
Earning
Top 5 Strategies and Concepts for Earning Online Through Blogging
Customer Loyalty
Infographic: 6 Ways Social Media Can Help Build Customer Loyalty
Messages
Infographic: Top Reasons Why Your Business Needs to Archive Text Messages
Mobile Technology
Infographic: How Mobile Technology Can Impact Your Sales
Social Media
Infographic: Social Media Behaviors to Avoid in 2017