4 Top Security Plugins for WordPress Sites

Being vigilant is an important step in security. You cannot expect what you do not inspect. That is, you cannot expect things to be working, if you do not check in on them periodically. Some plugins help with security maintenance and configuration on your WordPress installation. Just like antivirus and malware detection on workstations, these tools are here to assist in strengthening your security posture.

Security Plugins for WordPress

1.) WP-Security Scan

WP-Security Scan by Michael Torbert, provides an overall security scan of your WordPress installation. It checks many of the items listed previously, including WordPress version, table prefix, and absence of the admin account. It also includes a file system scanner to verify that the permissions are set to the recommended settings. WP-Security Scan provides a nice mechanism to make sure the base settings are in line with a good security posture. We look forward to Torbert adding new features in future releases.

You can find more information on WP-Security Scan at https://wordpress.org/extend/plugins/wp-security-scan/.

2.) WordPress Exploit Scanner

WP-Exploit Scanner is another plugin by Donncha O Caoimh. The Exploit Scanner scans your files, posts, and comments for suspicious information. Basically, this is a forensics tool for you to use to make sure your site has not been compromised. This plugin does not remove anything but it creates a list of suspicious content for you to review. The challenge here is that even with the filtered list, you have to have some idea what you are looking for. Running this plugin may result in false positives related to JavaScript from plugins and the WordPress core files.

You can find more information about the WordPress Exploit Scanner at https://wordpress.org/extend/plugins/exploit-scanner/.

3.) WordPress File Monitor

The WordPress File Monitor plugin by Matt Walters, looks for files in your WordPress installation that have been added, changed, or deleted. The plugin can be configured to send an e-mail should any file system activity occur. In addition, this plugin can be set to exclude certain directories, such as the uploads folder or file-based cache folders.

If file system changes are made, this plugin sets a warning in your WordPress Dashboard and also sends you an e-mail to alert you of the changes. This can be very handy in the event that something bad happens but will also trigger false alarms when you are performing updates. It is assumed that you know when you are doing updates and therefore can weed these out.

You can find more information about WordPress File Monitor at https://wordpress.org/plugins/wordpress-file-monitor/. This plugin has not been updated in a while, but we continue to use it on our non-Multisite sites.

4.) WordFence Security

WordFence Security by Mark Maunder is a comprehensive security plugin. This plugin checks your installed core files against the current revision in the WordPress repository. It checks both your core WordPress files as well as plugin files. Whereas the WordPress File Monitor is looking for new files added to your site root, potentially dropped in by bad guys, WordFence Security is evaluating your core and plugin files for changes or variations from the source code.

WordFence also scans your actual content for malware and phishing signatures and it has many other security features covering a large spectrum of potential threats or attack vectors.

One of the more interesting features of WordFence is the live traffic information that ties into a software-level firewall. Using the live traffic and firewall features, you can block specific IP addresses or countries from accessing your site. This can help when an attacker is attempting to compromise your site. Furthermore, you can configure WordFence to automatically block or throttle access for IP addresses when usage from those traffic sources exceeds limits that you set.

You can find more information about WordFence Security at https://wordpress.org/plugins/wordfence/.

One Response

  1. Lily Nicolas January 25, 2015
Games Security
Business Intelligence
How Business Intelligence & Analytic Tools Contribute to Your Business Growth
Inbound Marketing
The Techniques and Channels of Inbound Marketing in 2017
Biometrics
Using Biometrics as a Means of Securing User Privacy
External Giveaway Freebie TechnoGiants Giveaway
Focusky Pro
Giveaway #41: Focusky Pro 3-months Plan Subscription
MacXDVD
Freebie: MacXDVD Gives Away 10K Free Copies of MacX Video Converter
Flipbook
Giveaway #40: FlipHTML5 Flipbook 3-months Platinum Plan Subscription
Android iPhone
Galaxy C8
Samsung Galaxy C8 – The Fastest Samsung Phone
iPhone X
How iPhone X Can Make an Entrepreneur’s Life Easy
Business App
6 Mistakes to Avoid When Creating Your First Business App
Adsense
SEO
Beginners Guide to Effective SEO
SEO
SEO Fundamentals that Remain Unaffected by Algorithm Changes
Joomla
Top Joomla SEO Tips Which You Must Enable on Your Website
MAC Software
Billing Software
9 Common Misconceptions About Billing Software
Functions
9 Brilliant Google Secret Functions to Make Your Life Super Easy
Xen VPS
How Dedicated Xen VPS is better for hosting your business website?
Blogging Social Media
Loading Speed
How to Improve Loading Speed of Your Website?
Blog Post
The Main Guide to Writing Blog Posts That Rank in Google
Website Designing
Top 10 benefits of today’s Minimalistic Website Designing
Online Presence
Infographic: How to Maintain a Professional Online Presence as a Service Provider
Smart Cities
Infographic: 3 Reasons Behind the Need for Smart Cities
Customer Loyalty
Infographic: 6 Ways Social Media Can Help Build Customer Loyalty
Messages
Infographic: Top Reasons Why Your Business Needs to Archive Text Messages