35 Security Plugins to Make Your WordPress Bulletproof

Posted in WordPress4 years ago • Written by 49 Comments

Preview-wordpress-security-tools-tips-pluginsWordPress is the most popular blogging platform today. It’s being used by thousands of people all around the world. But because of the popularity, it’s getting more attention by hackers and spammers too. WordPress is very secure by itself, but there’s never too much ascertainable.

For simple users,who don’t code a lot, plugins is the best way to secure your blog. They’re free, easily usable and safe. This post assembles 35 best plugins to make your blog bulletproof. They’re each devised for different purposes, so you will get the best protection from each field.

Secure Your Login

1. Semisecure Login Reimagined

Semisecure Login Reimagined increases the security of the login process by using a combination of public and secret-key encryption to encrypt the password on the client-side when a user logs in. JavaScript is required to enable encryption. It is most useful for situations where SSL is not available, but the administrator wishes to have some additional security measures in place without sacrificing convenience.

Semisecure-login-reimagined-wordpress-security-tools-tips-plugins

2. Stealth Login

This plugin allows you to create custom URLs for logging in, logging out, administration and registering for your WordPress blog. Instead of advertising your login URL on your homepage, you can create a URL of your choice that can be easier to remember than wp-login.php, for example you could set your login URL to http://www.myblog.com/login for an easy way to login to your website.

Stealth-login-wordpress-security-tools-tips-plugins

3. Login LockDown

Login LockDown records the IP address and timestamp of every failed login attempt. If more than a certain number of attempts are detected within a short period of time from the same IP range, then the login function is disabled for all requests from that range. This helps to prevent brute force password discovery.

Lockdown-login-wordpress-security-tools-tips-plugins

4. Chap Secure Login

Whenever you try to login into your website, you can use this plugin to transmit your password encrypted. The encryption process is done by the Chap protocol. By activating the Chap Secure Login plugin, the only information transmitted unencrypted is the username, password is hidden with a random number (nonce) generated by the session – and opportunely transformed by the MD5 algorithm. In the first login there will be an error, but don’t worry is only a technical error. Indeed in the next login’s operation, if the values are correct, there will not be errors.

Chap-secure-login-wordpress-security-tools-tips-plugins

Admin Area

1. Admin SSL

Admin SSL secures login page, admin area, posts, pages – whatever you want – using Private or Shared SSL. Once you have activated the plugin, you have to go to the Admin SSL config page to enable SSL.

Admin-ssl-wordpress-security-tools-tips-plugins

Database

1. WP-DB-Backup

WP-DB-Backup allows you easily to back up your core WordPress database tables. You may also backup other tables in the same database.

Databse-backup-wordpress-security-tools-tips-plugins

2. Remote Database Backup

This plugin creates SQL dumps of your WordPress database. It is based on the WordPress Database Backup plugin (http://www.ilfilosofo.com/blog/wp-db-backup) – but it removes some of the security restrictions in the plugin to enable automated remote backups. You still need the admin user name and password to do a remote backup.

Remote-databse-backup-wordpress-security-tools-tips-plugins

3. WP-DB Manager

This plugin allows you to optimize database, repair database, backup database, restore database, delete backup database , drop/empty tables and run selected queries. It supports automatic scheduling of backing up and optimizing of database.

Databse-manager-wordpress-security-tools-tips-plugins

4. BackUpWordPress

BackUpWordPress is a backup & recovery suite for your WordPress website. This plugin allows you to back up database tables as well as files and comes with a rich set of options.

Backup-wordpress-security-tools-tips-plugins

5. WordPress 1 Click EZ Backup

EZ Backup has been turned into a simple one click operation. Click the button and watch your files and database backup be created. You can create a backup of all your webspace files or backup just your wp-content folder all from this one plugin. Unlike the Full EZ Backup plugin this one does not require any special information such as usernames or passwords etc. This plugin costs $5.

6. myEASYbackup

This plugin allows you to back up, restore, migrate your WordPress installation, both files and mySQL tables with a single click. When performing a backup, myEASYbackup creates a compressed data set file that can be stored outside the WordPress installation directory. A list of all data sets on the server is also logged in the admin area.

My-easy-backup-wordpress-security-tools-tips-plugins

Spam

1. Antispam Bee

AntispamBee protects blogs from digital rubbish. It is made up of sophisticated techniques and analyzes comments including pings. Also, for reasons of data privacy, the use of AntispamBee is a safe solution, as it is anonymous and registration-free.

Antispam-bee-wordpress-security-tools-tips-plugins

2. NoSpamNX

NoSpamNX is the successor of Yawasp (Yet Another WordPress antispam plugin) and is a plugin to protect against automated comment spam (spambots). While Yawasp changed the names of the form fields in the comment template, NoSpamNX works without these modifications, but is equally effective. By eliminating the need for modifications the form field need maximum compatibility with other WordPress plugins or browser is ensured.

No-spam-nx-wordpress-security-tools-tips-plugins

3. Akismet

Automattic Kismet (Akismet for short) is a collaborative effort to make comment and trackback spam a non-issue and restore innocence to blogging, so you never have to worry about spam again.

Akismet-wordpress-security-tools-tips-plugins

4. Math Comment Spam Protection

Asks the visitor making the comment to answer a simple math question. This is intended to prove that the visitor is a human being and not a spam robot. Example of such question: What is the sum of 2 and 9?

Math-comment-spam-protection-wordpress-security-tools-tips-plugins

5. Defensio Anti-Spam

Defensio is an advanced spam filtering web service that learns and adapts to your behaviors and those of your readers. Advanced features such as support for OpenID, detailed statistics, charts, RSS feed of our comments (innocent and spam) and counter widget are also available.

Defensio-anti-spam-wordpress-security-tools-tips-plugins

6. SI CAPTCHA Anti-Spam

Adds CAPTCHA anti-spam methods to WordPress on the comment form, registration form, login, or all. In order to post comments or register, users will have to type in the code shown on the image. This prevents spam from automated bots. Adds security. Works great with Akismet. Also is fully WP, WPMU, and BuddyPress compatible.

Captcha-anti-spam-wordpress-security-tools-tips-plugins

7. reCAPTCHA

reCAPTCHA is an anti-spam method originating from Carnegie Mellon University which uses CAPTCHAs in a genius way. Instead of randomly generating useless characters which users grow tired of continuously typing in, risking the possibility that spammers will eventually write sophisticated spam bots which use OCR libraries to read the characters, reCAPTCHA uses a different approach.

Recaptcha-wordpress-security-tools-tips-plugins

8. Blackhole

Blackhole is a trap for bad bots. The concept is simple: include a hidden link to a robots.txt-forbidden directory somewhere on your pages. Bots that ignore or disobey your robots rules will crawl the link and fall into the trap, which then performs a WHOIS Lookup and records the event in the blackhole data file. Once added to the blacklist data file, bad bots immediately are denied access to your site.

Blackhole-wordpress-security-tools-tips-plugins

9. Invisible Defender

This plugin protects registration, login and comment forms from spambots by adding two extra fields hidden by CSS. This approach gave me 100% anti-spam protection on one of my sites.

Other

1. Secure WordPress

Little help to secure your WordPress installation. This plugin removes error information on login page, adds index.html to plugin directory, removes the wp-version, except in admin area.

Secure-wordpress-security-tools-tips-plugins

2. WP Security Scan

This plugin will scan your WordPress installation for security vulnerabilities and it will suggest some corrective actions.

Security-scan-wordpress-security-tools-tips-plugins

3. AskApache Password Protect

This plugin doesn’t control WordPress or mess with your database, instead it utilizes fast, tried-and-true built-in Security features to add multiple layers of security to your blog. This plugin is specifically designed and regularly updated specifically to stop automated and unskilled attackers attempts to exploit vulnerabilities on your blog resulting in a hacked site.

Ask-apache-password-protect-wordpress-security-tools-tips-plugins

4. TAC (Theme Authenticity Checker)

TAC stands for Theme Authenticity Checker. Currently, TAC searches the source files of every installed theme for signs of malicious code. If such code is found, TAC displays the path to the theme file, the line number, and a small snippet of the suspect code. As of v1.3  TAC also searches for and displays static links.

Theme-authenticity-checker-wordpress-security-tools-tips-plugins

5. HTTP Authentication

The HTTP Authentication plugin allows you to use existing means of authenticating people to WordPress. This includes Apache’s basic HTTP authentication module and many others.

6. AntiVirus

Viruses, worms and malware exist for WordPress and could easily attack your WordPress installation. AntiVirus for WordPress monitors malicious injections and warns you of any possible attacks. It also has multilingual support.

Antivirus-wordpress-security-tools-tips-plugins

7. Secure Files

This plugin allows you to upload and download files from outside of your web document root for security purposes. It can be used to can restrict file downloads to users that are logged in, or have a certain user level.

8. Replace WP-Version

Security your WordPress-Installation and eliminate or replace your wp-version and database-version on easy way with a small plugin. If you’re running an older version of WordPress, anyone can view source to see what attacks might work against your blog. This plugin replaces the WP-version with a random string < WP 2.4 and eliminate WP-version > WP 2.4.

9. WP Email Guard

WP Email Guard protects your email addresses included on any post or page from being crawled by spammers. It converts every email written within your post body into a JavaScript code, so the emails is readable and can be clicked by humans only. Spammers can’t crawl JavaScript.

10. WordPress File Monitor

Monitors your WordPress installation for added/deleted/changed files. When a change is detected an email alert can be sent to a specified address.

File-monitor-wordpress-security-tools-tips-plugins

11. WP Dephorm

WP-Dephorm protects your users from the prying eyes of phorm. This is achieved by setting a cookie to opt out of the phorm information mining. Your blog viewers will not have their information stored and used in marketing campaigns whilst viewing your site.

12. WordPress Firewall

This WordPress plugin investigates web requests with simple WordPress-specific heuristics to identify and stop most obvious attacks. There exist a few powerful generic modules that do this; but they’re not always installed on web servers, and difficult to configure.

Firewall-wordpress-security-tools-tips-plugins

13. Secure Contact

SecureContact is a drop in form for users to contact you, based on the WP Contact Form plugin by Ryan Duff. It offers enhanced security by using captcha images.

14. Fast and Secure Contact Form

Fast and secure contact form for WordPress. This contact form lets your visitors send you a quick E-mail message. Blocks all common spammer tactics. Spam is no longer a problem. Includes a CAPTCHA and Akismet support. Additionally, the plugin has a multi-form feature, optional extra fields, and an option to redirect visitors to any URL after the message is sent. Super customizable.

Fast-secure-contact-form-wordpress-security-tools-tips-plugins

15. Ultimate Security Check

The Ultimate Security Check plugin helps you identify security problems with your WordPress installation. It scans your blog for hundreds of known threats, then give you a security “grade” based on how well you have protected yourself.

16. Content Security Policy

Content Security Policy prevents content injection attacks by allowing admins to specify which sites they trust to serve JavaScript and other types of content in their site. Any content which is not explicitly allowed by the policy will be blocked from loading.

Content-security-policy-wordpress-security-tools-tips-plugins

Further Resources

111 Written ArticlesWebsite

Works at 1stwebdesigner, studies photography at ISSPand seeks to enjoy life. You can check out his photography blog and follow him on twitter.

49 Comments Best Comments First
  • Nikunj

    Thursday, July 29th, 2010 15:28

    5

    Hi Daniels,

    Nice list of security plugins, enjoying your various post on 1stWD recently on my friend website got hacked with some javascript injection, i think antivirus & Content Security Policy plugin will help me to make my blog more secure from such attacks & even will recommend my friend the same.

    Thanks

    +13
  • Tony

    Thursday, July 29th, 2010 04:08

    2

    Is the WP-Spamfree plugin still being supported?

    +9
  • Sandeep

    Friday, August 20th, 2010 12:41

    20

    Nice list of Security Plugins
    thanks

    +8
  • JC Johnston

    Friday, July 30th, 2010 20:37

    17

    Thanks for sharing these plugins. I got security plugins . But you can never be to safe. I will have to look into these more.

    +7
  • Olivier Krieger

    Friday, July 30th, 2010 18:56

    16

    Great article and well written.

    I would like to also talk to you about another plugin I use to avoid spam in comments. This is called “WP Captcha Free” and works without Captacha, only based on some algorithms. Since I use it, I don’t get any spam anymore but still comments from real users.

    -Olivier

    +7
  • Musthafa

    Saturday, April 16th, 2011 19:44

    21

    Nice list bro.. it will help bloggers like us..

    +7
  • Mario

    Wednesday, July 28th, 2010 23:32

    1

    Daniels

    Nice list of security plugins for WP

    I use Login LockDown in my site

    Thank you for putting in the work of collecting and summarizing all of these security plugins.

    +6
  • Nick Bloor

    Thursday, April 21st, 2011 02:00

    22

    Nice list!

    There’s also BadPass-WP which warns WordPress users if they are using one of over 500 commonly used (and hence very weak) passwords.

    +5
    • Dainis Graveris

      Thursday, April 21st, 2011 10:19

      23

      Thank you for adding this one :)

      +4
  • jessi

    Monday, May 2nd, 2011 20:41

    24

    haa!!some new stuff about wordpress security i would like to try few…thanx for sharing your knowledge

    +5
  • Helene D.

    Thursday, July 29th, 2010 16:58

    9

    Great post.

    Bad-Behavior plugin should be added to this list. It is an excellent gatekeeper plugin that stops link spam, bad bots, and DOS attacks before they get to your site.

    +5
  • Janis Jakobsons

    Thursday, July 29th, 2010 08:23

    3

    I say thanks for author, there is many useful plugins which I have used before and I am using now. They really help to protect your blog. Thanks once more

    +5
  • Dave

    Thursday, July 29th, 2010 15:29

    6

    This is a great list. I’m personally not a fan of using Captcha (I think it strongly discourages commenting), but the DB backup utilities are extremely useful. I actually automate my database backups using WP-DB-Backup. Never have to worry about it.

    There’s still a number of plugins here that I’ll have to consider including on my installations.

    +5
  • Mali

    Thursday, July 29th, 2010 15:56

    7

    Best list ive seen for security on wordpress. I have a few of them but you have a good few I am considering using.

    Thanks

    +3
  • Irina

    Thursday, July 29th, 2010 09:48

    4

    Thanks for sharing! I definitely have to check them out!

    +2
  • Fred

    Friday, October 14th, 2011 08:40

    33

    Wow, you saved me a lot of time and research on this subject. I have implemented quite a few of these plugins especially the ones that protect your login.

    Also I wanted to mention, 1 that I found yesterday and offers a lot of options and features. It is called WebsiteDefender WordPress Security. It helped me to fix some vulnerabilites on my blog.

    +1
  • Rich

    Thursday, August 12th, 2010 22:42

    19

    Good list. BackWPup is by far the best backup plugin. I actually tried about 6 last night to find the best. It lets me set up multiple automatic backup jobs and database optimization. Wicked awesome.

    0
  • Charlie

    Thursday, July 29th, 2010 22:16

    8

    Stealth Login looks awesome but unfortunately it doesn’t work with WP 3.0

    0
  • Sherice Jacob

    Thursday, July 29th, 2010 18:31

    10

    Great article!

    Some other excellent security plugins or services for WordPress include:

    BlogWatch – http://blogsecurity.net/wordpress/blogwatch/blogwatch

    It tells you what vulnerabilities exist in your current version of WordPress and the severity of them, plus whether or not to upgrade.

    SABRE – This keeps the spambots from registering as users on your blog and spamming the heck out of your comments section. I wrote up a review of it on my blog here:

    http://ielectrify.com/tools/stop-wordpress-user-spam/

    0
  • Anil Kumar Panigrahi

    Friday, July 30th, 2010 06:12

    12

    Great article ! Thank you for sharing …

    0
  • Udegbunam Chukwudi

    Friday, July 30th, 2010 12:35

    15

    @Tony: Wp Spam Free is only available via the author’s website. For some reason WordPress took them off the repository and they aren’t saying why. Anyway I still use it on my site as it works pretty well and comes with an easy contact form.

    @Daniels: This is one hell of a list. I’ll be checking out Stealth Login. I hope it works well with Login Lockdown. I’ve also been looking for a way to backup my wordpress installation and Backup WordPress and My Ez Backup would come in handy. Here’s hoping that they all work without a hitch ;)

    0
  • Brian L

    Friday, July 30th, 2010 09:23

    13

    Great list. I’ll keep this in my bookmarks. Comment spam always seems to be an issue.

    0
  • Annabell Fuleki

    Friday, June 17th, 2011 13:00

    26

    Do you mind if I quote a couple of your posts as long as I provide credit and sources back to your site? My blog is in the very same area of interest as yours and my visitors would certainly benefit from some of the information you present here. Please let me know if this alright with you. Appreciate it!

    0
    • Rean John Uehara

      Friday, June 17th, 2011 13:04

      25

      I believe that is absolutely fine. :)

      0
  • Toby

    Wednesday, February 15th, 2012 22:29

    43

    Great info on WordPress security. Always make a backup of your site BEFORE you add security, as sometimes you can shut yourself out! Been there!

    0
  • Edossa Kenea

    Monday, February 13th, 2012 23:28

    42

    my electronic storage of my electronics documant and protect me. It has use me to avoid exost my secrate by other or others.

    0
  • Rahasia

    Saturday, February 11th, 2012 14:00

    41

    Hi, thank u for this useful security information.. :)
    I will try the security plugin you explain in the article.. fast and secure contact form is great plugin!! :)

    0
  • Karl

    Wednesday, February 8th, 2012 15:41

    40

    Greetings. We are pleased to announce the release of wSecure. wSecure hides your WordPress admin URL with a special key so that only you can access. The problem with WordPress is that anyone can tell if your site is WordPress by simply typing in the default URL to the administration area (i.e. http://www.yoursite.com/wp-admin). wSecure helps you hide the fact that your website is built with Worpdress from prying eyes.

    0
  • Arsh

    Saturday, March 10th, 2012 16:07

    44

    Nice post searching for security plugins and got bulk out here need not to look any other website

    0
  • rafi

    Monday, April 9th, 2012 00:33

    45

    wonderful security plugins

    0
  • Anders Vinther

    Wednesday, May 16th, 2012 12:16

    49

    This is a great list of things to do to secure your WordPress site…

    I recently had some security problems with my WordPress sites, and ended up doing a lot of research into securing WordPress sites…

    0
  • Elizabeth Ricci

    Wednesday, April 18th, 2012 16:38

    47

    Great article about protecting your WordPress site, we have written something similar to this on our blog. http://www.lucidagency.com/wordpress/quick-guide-to-securing-wordpress-from-malware-and-hacking/

    0
    • Dainis Graveris

      Thursday, April 19th, 2012 08:22

      48

      Really good post Elizabeth, let me check and try those snippets myself.

      0
  • Hariharakumar

    Wednesday, April 11th, 2012 18:13

    46

    are there any server space monitoring wordpress plugins? my server used space is increasing day by day. i was only installing plugins and nothing.

    0
  • Tren

    Wednesday, February 8th, 2012 08:01

    39

    Great Plugin..
    Plugin Secure WordPress is best.. ;)

    thank’s..

    0
  • mohammad

    Wednesday, February 8th, 2012 07:37

    38

    an awesome plugin are you given for us
    thanks a lot brother
    cheers ;)

    0
  • Damanjit Singh

    Saturday, October 8th, 2011 19:25

    31

    Very nice collection of wordpress plugins.

    0
  • Alan

    Thursday, September 22nd, 2011 10:54

    30

    can u suggest a plugin where i can block an IP basis the no of clicks or time spent on the site. so if an ip comes to the site and does x number of clicks in a given time frame then it will be blocked automatically.

    0
  • Adam Haworth

    Saturday, August 27th, 2011 12:17

    29

    Great plug-ins I have been looking for some security plug-ins for my site for a while, and didn’t want to install SSL.

    0
  • Sandeep Yadav

    Tuesday, June 28th, 2011 12:45

    27

    From long time i was searching for Good security plugins and i found here best. I m trying to apply some plugins from this awesome list and hope i make my blog more secure. Thanks for publish this valuable list. It will help new bloggers for create secure environment for WordPress :-)

    0
  • Irfan Shakeel

    Sunday, August 7th, 2011 21:23

    28

    what an amazing article great work keep it up!!!!!!!!!!!!!!!!!!!!!!!

    0
  • Pulkit Kaushik

    Wednesday, October 12th, 2011 01:45

    32

    Fantastic list! I’ve taken about 7 plugins from here. Wonder why this list hasn’t gone viral.

    0
  • Hazel

    Wednesday, November 30th, 2011 04:16

    34

    Great list! I’m interested in the Stealth Login plugin but the link above does not work.

    0
  • Kiran Singh

    Friday, January 13th, 2012 05:12

    37

    Great list of plugin! I am going to install right away.

    Many Thanks,
    Kiran

    0
  • Marc Connor

    Thursday, December 22nd, 2011 11:13

    36

    Powerful list Daniels. I’ve already installed and activated a couple, the rest I’ll do later on today.

    BTW, please note that the ” Stealth Login” plugin is no longer in existence. Either find a replacement one or make a note that it’s no longer there.

    Keep up the great work.

    0
  • Mike

    Saturday, December 17th, 2011 16:40

    35

    May I recommend WordPress HTTPS? http://wordpress.org/extend/plugins/wordpress-https/ :)

    0
  • Rick

    Thursday, July 29th, 2010 21:33

    11

    I’m not a wordpress user but it seems to me if you need 35 plugins to make your site secure, you’re using the wrong CMS. Why aren’t these built into WP?

    -1
    • Daniel

      Friday, July 30th, 2010 10:52

      14

      You don’t actually need all 35. You can do just fine with 2 or 3. This article gives you the chance to contemplate and pick the best ones for you.

      +1
  • Akash Padhiyar

    Saturday, July 31st, 2010 19:13

    18

    Nice Collection….

    -2
  • Anders Vinther

    Wednesday, May 16th, 2012 12:16

    49

    This is a great list of things to do to secure your WordPress site…

    I recently had some security problems with my WordPress sites, and ended up doing a lot of research into securing WordPress sites…

    0
  • Elizabeth Ricci

    Wednesday, April 18th, 2012 16:38

    47

    Great article about protecting your WordPress site, we have written something similar to this on our blog. http://www.lucidagency.com/wordpress/quick-guide-to-securing-wordpress-from-malware-and-hacking/

    0
    • Dainis Graveris

      Thursday, April 19th, 2012 08:22

      48

      Really good post Elizabeth, let me check and try those snippets myself.

      0
  • Hariharakumar

    Wednesday, April 11th, 2012 18:13

    46

    are there any server space monitoring wordpress plugins? my server used space is increasing day by day. i was only installing plugins and nothing.

    0
  • rafi

    Monday, April 9th, 2012 00:33

    45

    wonderful security plugins

    0
  • Arsh

    Saturday, March 10th, 2012 16:07

    44

    Nice post searching for security plugins and got bulk out here need not to look any other website

    0
  • Toby

    Wednesday, February 15th, 2012 22:29

    43

    Great info on WordPress security. Always make a backup of your site BEFORE you add security, as sometimes you can shut yourself out! Been there!

    0
  • Edossa Kenea

    Monday, February 13th, 2012 23:28

    42

    my electronic storage of my electronics documant and protect me. It has use me to avoid exost my secrate by other or others.

    0
  • Rahasia

    Saturday, February 11th, 2012 14:00

    41

    Hi, thank u for this useful security information.. :)
    I will try the security plugin you explain in the article.. fast and secure contact form is great plugin!! :)

    0
  • Karl

    Wednesday, February 8th, 2012 15:41

    40

    Greetings. We are pleased to announce the release of wSecure. wSecure hides your WordPress admin URL with a special key so that only you can access. The problem with WordPress is that anyone can tell if your site is WordPress by simply typing in the default URL to the administration area (i.e. http://www.yoursite.com/wp-admin). wSecure helps you hide the fact that your website is built with Worpdress from prying eyes.

    0
  • Tren

    Wednesday, February 8th, 2012 08:01

    39

    Great Plugin..
    Plugin Secure WordPress is best.. ;)

    thank’s..

    0
  • mohammad

    Wednesday, February 8th, 2012 07:37

    38

    an awesome plugin are you given for us
    thanks a lot brother
    cheers ;)

    0
  • Kiran Singh

    Friday, January 13th, 2012 05:12

    37

    Great list of plugin! I am going to install right away.

    Many Thanks,
    Kiran

    0
  • Marc Connor

    Thursday, December 22nd, 2011 11:13

    36

    Powerful list Daniels. I’ve already installed and activated a couple, the rest I’ll do later on today.

    BTW, please note that the ” Stealth Login” plugin is no longer in existence. Either find a replacement one or make a note that it’s no longer there.

    Keep up the great work.

    0
  • Mike

    Saturday, December 17th, 2011 16:40

    35

    May I recommend WordPress HTTPS? http://wordpress.org/extend/plugins/wordpress-https/ :)

    0
  • Hazel

    Wednesday, November 30th, 2011 04:16

    34

    Great list! I’m interested in the Stealth Login plugin but the link above does not work.

    0
  • Fred

    Friday, October 14th, 2011 08:40

    33

    Wow, you saved me a lot of time and research on this subject. I have implemented quite a few of these plugins especially the ones that protect your login.

    Also I wanted to mention, 1 that I found yesterday and offers a lot of options and features. It is called WebsiteDefender WordPress Security. It helped me to fix some vulnerabilites on my blog.

    +1
  • Pulkit Kaushik

    Wednesday, October 12th, 2011 01:45

    32

    Fantastic list! I’ve taken about 7 plugins from here. Wonder why this list hasn’t gone viral.

    0
  • Damanjit Singh

    Saturday, October 8th, 2011 19:25

    31

    Very nice collection of wordpress plugins.

    0
  • Alan

    Thursday, September 22nd, 2011 10:54

    30

    can u suggest a plugin where i can block an IP basis the no of clicks or time spent on the site. so if an ip comes to the site and does x number of clicks in a given time frame then it will be blocked automatically.

    0
  • Adam Haworth

    Saturday, August 27th, 2011 12:17

    29

    Great plug-ins I have been looking for some security plug-ins for my site for a while, and didn’t want to install SSL.

    0
  • Irfan Shakeel

    Sunday, August 7th, 2011 21:23

    28

    what an amazing article great work keep it up!!!!!!!!!!!!!!!!!!!!!!!

    0
  • Sandeep Yadav

    Tuesday, June 28th, 2011 12:45

    27

    From long time i was searching for Good security plugins and i found here best. I m trying to apply some plugins from this awesome list and hope i make my blog more secure. Thanks for publish this valuable list. It will help new bloggers for create secure environment for WordPress :-)

    0
  • Annabell Fuleki

    Friday, June 17th, 2011 13:00

    26

    Do you mind if I quote a couple of your posts as long as I provide credit and sources back to your site? My blog is in the very same area of interest as yours and my visitors would certainly benefit from some of the information you present here. Please let me know if this alright with you. Appreciate it!

    0
    • Rean John Uehara

      Friday, June 17th, 2011 13:04

      25

      I believe that is absolutely fine. :)

      0
  • jessi

    Monday, May 2nd, 2011 20:41

    24

    haa!!some new stuff about wordpress security i would like to try few…thanx for sharing your knowledge

    +5
  • Nick Bloor

    Thursday, April 21st, 2011 02:00

    22

    Nice list!

    There’s also BadPass-WP which warns WordPress users if they are using one of over 500 commonly used (and hence very weak) passwords.

    +5
    • Dainis Graveris

      Thursday, April 21st, 2011 10:19

      23

      Thank you for adding this one :)

      +4
  • Musthafa

    Saturday, April 16th, 2011 19:44

    21

    Nice list bro.. it will help bloggers like us..

    +7
  • Sandeep

    Friday, August 20th, 2010 12:41

    20

    Nice list of Security Plugins
    thanks

    +8
  • Rich

    Thursday, August 12th, 2010 22:42

    19

    Good list. BackWPup is by far the best backup plugin. I actually tried about 6 last night to find the best. It lets me set up multiple automatic backup jobs and database optimization. Wicked awesome.

    0
  • Akash Padhiyar

    Saturday, July 31st, 2010 19:13

    18

    Nice Collection….

    -2
  • JC Johnston

    Friday, July 30th, 2010 20:37

    17

    Thanks for sharing these plugins. I got security plugins . But you can never be to safe. I will have to look into these more.

    +7
  • Olivier Krieger

    Friday, July 30th, 2010 18:56

    16

    Great article and well written.

    I would like to also talk to you about another plugin I use to avoid spam in comments. This is called “WP Captcha Free” and works without Captacha, only based on some algorithms. Since I use it, I don’t get any spam anymore but still comments from real users.

    -Olivier

    +7
  • Udegbunam Chukwudi

    Friday, July 30th, 2010 12:35

    15

    @Tony: Wp Spam Free is only available via the author’s website. For some reason WordPress took them off the repository and they aren’t saying why. Anyway I still use it on my site as it works pretty well and comes with an easy contact form.

    @Daniels: This is one hell of a list. I’ll be checking out Stealth Login. I hope it works well with Login Lockdown. I’ve also been looking for a way to backup my wordpress installation and Backup WordPress and My Ez Backup would come in handy. Here’s hoping that they all work without a hitch ;)

    0
  • Brian L

    Friday, July 30th, 2010 09:23

    13

    Great list. I’ll keep this in my bookmarks. Comment spam always seems to be an issue.

    0
  • Anil Kumar Panigrahi

    Friday, July 30th, 2010 06:12

    12

    Great article ! Thank you for sharing …

    0
  • Rick

    Thursday, July 29th, 2010 21:33

    11

    I’m not a wordpress user but it seems to me if you need 35 plugins to make your site secure, you’re using the wrong CMS. Why aren’t these built into WP?

    -1
    • Daniel

      Friday, July 30th, 2010 10:52

      14

      You don’t actually need all 35. You can do just fine with 2 or 3. This article gives you the chance to contemplate and pick the best ones for you.

      +1
  • Sherice Jacob

    Thursday, July 29th, 2010 18:31

    10

    Great article!

    Some other excellent security plugins or services for WordPress include:

    BlogWatch – http://blogsecurity.net/wordpress/blogwatch/blogwatch

    It tells you what vulnerabilities exist in your current version of WordPress and the severity of them, plus whether or not to upgrade.

    SABRE – This keeps the spambots from registering as users on your blog and spamming the heck out of your comments section. I wrote up a review of it on my blog here:

    http://ielectrify.com/tools/stop-wordpress-user-spam/

    0
  • Helene D.

    Thursday, July 29th, 2010 16:58

    9

    Great post.

    Bad-Behavior plugin should be added to this list. It is an excellent gatekeeper plugin that stops link spam, bad bots, and DOS attacks before they get to your site.

    +5
  • Charlie

    Thursday, July 29th, 2010 22:16

    8

    Stealth Login looks awesome but unfortunately it doesn’t work with WP 3.0

    0
  • Mali

    Thursday, July 29th, 2010 15:56

    7

    Best list ive seen for security on wordpress. I have a few of them but you have a good few I am considering using.

    Thanks

    +3
  • Dave

    Thursday, July 29th, 2010 15:29

    6

    This is a great list. I’m personally not a fan of using Captcha (I think it strongly discourages commenting), but the DB backup utilities are extremely useful. I actually automate my database backups using WP-DB-Backup. Never have to worry about it.

    There’s still a number of plugins here that I’ll have to consider including on my installations.

    +5
  • Nikunj

    Thursday, July 29th, 2010 15:28

    5

    Hi Daniels,

    Nice list of security plugins, enjoying your various post on 1stWD recently on my friend website got hacked with some javascript injection, i think antivirus & Content Security Policy plugin will help me to make my blog more secure from such attacks & even will recommend my friend the same.

    Thanks

    +13
  • Irina

    Thursday, July 29th, 2010 09:48

    4

    Thanks for sharing! I definitely have to check them out!

    +2
  • Janis Jakobsons

    Thursday, July 29th, 2010 08:23

    3

    I say thanks for author, there is many useful plugins which I have used before and I am using now. They really help to protect your blog. Thanks once more

    +5
  • Tony

    Thursday, July 29th, 2010 04:08

    2

    Is the WP-Spamfree plugin still being supported?

    +9
  • Mario

    Wednesday, July 28th, 2010 23:32

    1

    Daniels

    Nice list of security plugins for WP

    I use Login LockDown in my site

    Thank you for putting in the work of collecting and summarizing all of these security plugins.

    +6

Comments are closed.

54.196.233.250 - unknown - unknown - US