WordPress based websites, like any other CMS are vulnerable to hacking. A tightly secured and “safe-from-hackers” website is the top most priority of a blogger. Several free and premium plugins are available on the web for enhancing the WordPress’ security system. Here is a collection of the Top 24 WordPress Security Plugins to increase the security of your blog.
Antivirus is a simple plugin which scans through your wordpress directory and notifies(through email) the administrator,if there is any malicious content found. This process is performed automatically and on daily basis, ensuring a safer and secure website.
Ask Apache Password Protect[divider]
As the name suggests, Ask Apache adds extra password protection and security to your website. The preview image shall give you an idea of the functionality of this plugin.
Better WP Security[divider]
Better WP Security is acclaimed as the #1 Security Plugin for WordPress. Making use of some its features, you can obscure the wp-admin page, change the administrator id/password, detect loopholes in the plugin files, strengthen server security and much much more.
This is definitely a complete and perfect plugin for your blog. Worth a try!
Block Bad Queries[divider]
This is a simple plugin that secures your website against malicious url requests. BBQ is compatible up to the version 3.5.2 of Wordprees(as of now).
BulletProof secures your website against CRLF, RFI, CSRF, Base64, XSS, Code Injection and SQL Injection. It provides login security and monitors login data.
Exploit Scanner searches through the files/database tables/posts of your website for any harmful content. It even scans all the other plugin files.
In my opinion, this is a plugin that every webmaster should use. It puts up 2 step verification to your WordPress login page making use of the Google Authenticator app for Android/iPhone/Blackberry making your login activity safer and secure.
Hide My WP is a premium plugin from codecanyon.net. As displayed in the image below, this plugin hides the blogging platform of your blog.
HTTP Authentication Options[divider]
This plugin uses an external authentication source for more security.
Limit Login Attempts[divider]
Allows the administrator to restrict the number of attempts for a user to log in.
Login Ninja is another premium plugin from codecanyon.net. It protects login and register forms using captcha, auto bans malicious IP’s , notifies the administrator about the login activity and has many other features.
Login Security Solution[divider]
Login Security Solution tracks IP’s, usernames, and passwords for any injurious attack.
One Time Password[divider]
This plugin makes passwords valid for single sessions only.
Secure WordPress increases the security of your WordPress blog by removing error info from login pages, adds index.html to plugin folders, hides the WordPress platform version and much more.
Scans your website for security vulnerabilities, plus performs 31+ test including brute force attacks.
Stealth Login Page[divider]
This plugin protects your wordpress login page through a special authorization code. It is compatible up to the version 3.6 of WP.
Perfect for user management and security, User Locker locks an account if multiple incorrect attempts are made. Password has to be changed in order to unlock it.
Is another useful and powerful plugin which scans all your wordpress files for any harmful content or code.
With over 600,000 downloads, Wordfence is a popular security plugin. Its features include : firewall protection, real-time traffic analysis with geo locaiton, virus scanning, tw0-step authentication etc.
Wordfence is multi-site compatible and its “mobile sign in feature” makes your website stand strong against brute force attacks.
WordPress File Monitor Plus[divider]
This plugin monitors all your WP file and if there is any change made, a notification is sent to the administrator.
WP Login Security 2[divider]
White lists user ip addresses. If a user logs in from an unrecognized IP, the plugin notifies the user through an email.
Very similar to File Monitor Plus, scans the WP files and emails the admin for any change made.