So you have created a nice new WordPress blog. You have completed the famous 5 minute installation in 5 seconds. Picked out a sexy new template and haphazardly stripped out the creator’s attribution links from the footer (naughty, naughty)and started ferociously uploading every plugin you can find about twitter and Facebook. You publish you first couple of posts and feel on top of the world. That is, until one day, you are narcissistically Googling your own website only to find this:
Image Source: http://www.pearsonified.com/
That’s right. The pharma hackers have cracked into your WordPress blog and you are now left looking like a pill pusher.
Bye Bye New traffic.
Bon Voyage Google Rankings.
So what can you do to increase the security on your WordPress site? Here are the top 10 plugins for your website to protect against spammers and black hat pharma SEOs.
Yes, I know it comes as standard with a WordPress installation but how many of you are going to the trouble of activating the new API key and connecting it to the Akismet database?
The great thing about this plugin is that it actually accesses a database of black listed URLS and IP addresses and stops any bots or spammers from posting links on your blog. It also comes with an option to blacklist certain words and phrases to protect you from having any adult content posted.
This plugin does exactly what it says on the tin. It limits the amount of times a particular IP address can attempt to login to your WordPress site. Although a word of caution, if you are the forgetful type you can find yourself being locked out of your own blog because you have entered the wrong password 3 times. But don’t worry it will let you try again after a couple of hours.
This nifty little plugin stops all sorts of attacks on you r site by determining any unusual requests or parameters within the WordPress code. The plugin claims to stop
· SQL Injections
· Exe file uploads
· Block known blacklist IPs
· A list of parameters and queries that will make your eyes water.
WP security Scan
WP security scan scans the files on your WordPress site to check for any potential vulnerability in the file permissions. For example, if you have a writeable, readable and executable htaccess file, WP security scan will alert you to this fact and suggest the appropriate action in order to fix the security hole.
The great thing about the WP security scan is that it removes any footprints about the WordPress system you are using and also enhances the database security.
This is another self-explanatory plugin but an essential one, nonetheless. The WordPress Database backup allows for copies of the database to be created away from the main database location. This means that even if you website is hacked. You can create a fresh install and repopulate the site with the information on the site previous to the hack.
According to the dark coding wizards that created this one:
“An encryption plugin that ciphers the password using RSA and DES, securing login without SSL”
For the non-programmers out there, this plugin basically scrambles the password when you are typing it into your site. It then sends the scrabbled version to the database which is the unscrambled at the other end. This means that sensitive information is not transmitted; this limits the possibility of hackers gaining access to your credentials.