4 Top Security Plugins for WordPress Sites

Being vigilant is an important step in security. You cannot expect what you do not inspect. That is, you cannot expect things to be working, if you do not check in on them periodically. Some plugins help with security maintenance and configuration on your WordPress installation. Just like antivirus and malware detection on workstations, these tools are here to assist in strengthening your security posture.

Security Plugins for WordPress

1.) WP-Security Scan

WP-Security Scan by Michael Torbert, provides an overall security scan of your WordPress installation. It checks many of the items listed previously, including WordPress version, table prefix, and absence of the admin account. It also includes a file system scanner to verify that the permissions are set to the recommended settings. WP-Security Scan provides a nice mechanism to make sure the base settings are in line with a good security posture. We look forward to Torbert adding new features in future releases.

You can find more information on WP-Security Scan at https://wordpress.org/extend/plugins/wp-security-scan/.

2.) WordPress Exploit Scanner

WP-Exploit Scanner is another plugin by Donncha O Caoimh. The Exploit Scanner scans your files, posts, and comments for suspicious information. Basically, this is a forensics tool for you to use to make sure your site has not been compromised. This plugin does not remove anything but it creates a list of suspicious content for you to review. The challenge here is that even with the filtered list, you have to have some idea what you are looking for. Running this plugin may result in false positives related to JavaScript from plugins and the WordPress core files.

You can find more information about the WordPress Exploit Scanner at https://wordpress.org/extend/plugins/exploit-scanner/.

3.) WordPress File Monitor

The WordPress File Monitor plugin by Matt Walters, looks for files in your WordPress installation that have been added, changed, or deleted. The plugin can be configured to send an e-mail should any file system activity occur. In addition, this plugin can be set to exclude certain directories, such as the uploads folder or file-based cache folders.

If file system changes are made, this plugin sets a warning in your WordPress Dashboard and also sends you an e-mail to alert you of the changes. This can be very handy in the event that something bad happens but will also trigger false alarms when you are performing updates. It is assumed that you know when you are doing updates and therefore can weed these out.

You can find more information about WordPress File Monitor at https://wordpress.org/plugins/wordpress-file-monitor/. This plugin has not been updated in a while, but we continue to use it on our non-Multisite sites.

4.) WordFence Security

WordFence Security by Mark Maunder is a comprehensive security plugin. This plugin checks your installed core files against the current revision in the WordPress repository. It checks both your core WordPress files as well as plugin files. Whereas the WordPress File Monitor is looking for new files added to your site root, potentially dropped in by bad guys, WordFence Security is evaluating your core and plugin files for changes or variations from the source code.

WordFence also scans your actual content for malware and phishing signatures and it has many other security features covering a large spectrum of potential threats or attack vectors.

One of the more interesting features of WordFence is the live traffic information that ties into a software-level firewall. Using the live traffic and firewall features, you can block specific IP addresses or countries from accessing your site. This can help when an attacker is attempting to compromise your site. Furthermore, you can configure WordFence to automatically block or throttle access for IP addresses when usage from those traffic sources exceeds limits that you set.

You can find more information about WordFence Security at https://wordpress.org/plugins/wordfence/.

One Response

  1. Lily Nicolas January 25, 2015
Games Security
PPC
Newbie PPC Marketer? Avoid These 5 Mistakes
Marketing Industry
Evolution of Technology in the Marketing Industry
Digital Privacy
Better Secure your Digital Privacy Using Windows 10
External Giveaway Freebie TechnoGiants Giveaway
Focusky Pro
Giveaway #41: Focusky Pro 3-months Plan Subscription
MacXDVD
Freebie: MacXDVD Gives Away 10K Free Copies of MacX Video Converter
Flipbook
Giveaway #40: FlipHTML5 Flipbook 3-months Platinum Plan Subscription
Android iPhone
Phones
How Mobile Phones Make your Life Easier?
iPhone 6S
How to Get Rid of Duplicate Contacts in iPhone?
Backup Contacts
How to Backup Contacts from Samsung Galaxy S8 to Computer
Adsense
Link Building Strategies
Link Building Strategies for Your Website in 2017
Guest Posting
6 Tips to Maximise Your SEO Efforts with Guest Posting
On-Page SEO
5 Ways Content Editors can kill your On-page SEO
MAC Software
Lotus Notes
How To Setup Archive Lotus Notes Emails To Local Disk & Save Locally
Business
Poor Employers in the Age of Technology
Store
How to Store and Protect Valuable Business Data?
Blogging Social Media
WordPress Errors
Top 10 Most Common WordPress Errors And How To Fix Them
Blog
5 Effective Ways To Save Time While Writing Blog Posts
Facebook Marketing
6 Tips for Using Video Marketing on Facebook
Mobile Technology
Infographic: How Mobile Technology Can Impact Your Sales
Social Media
Infographic: Social Media Behaviors to Avoid in 2017
Social Video
Infographic: 3 ways Social Video Marketing can Propel your Brand
Data Entry
Infographic: Should You Outsource Your Data Entry? Here are 5 Questions to Ask!