Don’t Get Hacked! 6 WordPress Security Plugins

Written by | Posted in WordPress | Posted on Date 03-02-2012 | Comments 40 Comments
Tags:

wordpress-plugins

So you have created a nice new WordPress blog. You have completed the famous 5 minute installation in 5 seconds. Picked out a sexy new template and haphazardly stripped out the creator’s attribution links from the footer (naughty, naughty)and started ferociously uploading every plugin you can find about twitter and Facebook. You publish you first couple of posts and feel on top of the world. That is, until one day, you are narcissistically  Googling your own website only to find this:

Image Source: http://www.pearsonified.com/

That’s right. The pharma hackers have cracked into your WordPress blog and you are now left looking like a pill pusher.

Bye Bye New traffic.

Fairwell Credability.

Bon Voyage Google Rankings.

So what can you do to increase the security on your WordPress site? Here are the top 10 plugins for your website to protect against spammers and black hat pharma SEOs.

Akismet

Yes, I know it comes as standard with a WordPress installation but how many of you are going to the trouble of activating the new API key and connecting it to the Akismet database?
The great thing about this plugin is that it actually accesses a database of black listed URLS and IP addresses and stops any bots or spammers from posting links on your blog. It also comes with an option to blacklist certain words and phrases to protect you from having any adult content posted.

Limit Login attempts

This plugin does exactly what it says on the tin. It limits the amount of times a particular IP address can attempt to login to your WordPress site. Although a word of caution, if you are the forgetful type you can find yourself being locked out of your own blog because you have entered the wrong password 3 times. But don’t worry it will let you try again after a couple of hours.

WordPress Firewall

This nifty little plugin stops all sorts of attacks on you r site by determining any unusual requests or parameters within the WordPress code. The plugin claims to stop
·         SQL Injections
·         Exe file uploads
·         Block known blacklist IPs
·         A list of parameters and queries that will make your eyes water.

WP security Scan

WP security scan scans the files on your WordPress site to check for any potential vulnerability in the file permissions. For example, if you have a writeable, readable and executable htaccess file, WP security scan will alert you to this fact and suggest the appropriate action in order to fix the security hole.

The great thing about the WP security scan is that it removes any footprints about the WordPress system you are using and also enhances the database security.

WordPress Database Backup

This is another self-explanatory plugin but an essential one, nonetheless. The WordPress Database backup allows for copies of the database to be created away from the main database location. This means that even if you website is hacked. You can create a fresh install and repopulate the site with the information on the site previous to the hack.

Login Encrypt

According to the dark coding wizards that created this one:
“An encryption plugin that ciphers the password using RSA and DES, securing login without SSL”
For the non-programmers out there, this plugin basically scrambles the password when you are typing it into your site. It then sends the scrabbled version to the database which is the unscrambled at the other end. This means that sensitive information is not transmitted; this limits the possibility of hackers gaining access to your credentials.

This is also for connecting via social network handles.

Related Posts

About Ross Tavendale

Connect with Ross at: Twitter | Facebook | LinkedIn

Ross has written 1 articles at Blondish.net.

Comment Policy

Please do not leave just keywords for your name. You will no longer be approved. The correct way to leave your name is YOUR NAME @ YOUR KEYWORD or YOUR NAME | KEYWORD if you choose to use a keyword.

Comments (40)

  • Chris Wiegman
    Twitter:
    says:

    Another one I would like to mention is Better WP Security. It addresses many of the inherent shortcomings caused by both the popularity of WordPress as well as bad code in themes, plugins, etc.
    Chris Wiegman recently posted..One Simple Way To Secure WordPressMy Profile

  • I’ve been working with WordPress for a while now and to be honest, thankfully, everything is quite well. Although we experience some bugs, but we’ve managed along the way. But we definitely have to look into all this. Which one do you recommend? I think I’ll start with activating the API key since I have personally encountered an error that has something to do with the API a few days ago.
    Hannah Hamilton recently posted..The Best Bag for Every Type of TravelerMy Profile

  • Amrik
    Twitter:
    says:

    Great tips. It will make my wordpress more secure and safe. Thanks for sharing.
    Amrik recently posted..4 Best Blogging Platform For Team BlogMy Profile

  • Chris from Owner Financing
    Twitter:
    says:

    Great post… First i’ve seen like it. I’ve always wondered if there was a way to back up the database without going through mysql and the ftp and all those other areas that are foreign to me. Thanks for sharing!
    Chris recently posted..Where To Find Owner Financed Homes AustinMy Profile

  • Excellent collection of security tools, Ross. And a powerful reminder for us bloggers to beef up our blog security. I have used and love some of these plugins. The one that’s got my attention here is WordPress Firewall. I think I’d to explore this particular plugin. Thanks!
    Srinivas Reddy | Ask Sage recently posted..The Power Of HabitMy Profile

  • Anonymous says:

    Another one you may want to add is WP Lockdown – http://wordpress.org/extend/plugins/login-lockdown/

    I’m not sure if loading 6-7 security plugins would hamper my site’s speed, any ideas?

    Also there are some services which help you remotely backup and restore your blog if its hacked or compromised, but yes it does have a monthly charge :)

  • vishvast
    Twitter:
    says:

    hello
    Ross Tavendale
    very nice info thnx for sharing it security is one of the most important thing in wordpres it will help me to make my work more secure and safe thnx for sharing
    vishvast recently posted..Android Apps You Need to TryMy Profile

  • Gagan Arora says:

    few days ago hackers trying ti hack my blog..but due to these plugins i save my blog from hacking..i know only few plugins from list..thanks for share plugins…
    Gagan Arora recently posted..The Vampire Diaries S03E13 !StRiCkEr! HDRip Mediafire Links 350 MB.My Profile

  • Jordan
    Twitter:
    says:

    I use some of them.
    For my luck, to this day, I don’t have problem with security.
    Regards!
    Jordan recently posted..Cocktail "Sunny Pina Colada"My Profile

  • Fantastic post! Thank you for all of the advice about securing a wordpress account. It is amazing the steps we have to take these days to keep the hackers at bay.

    Thanks for sharing.

  • Tushar says:

    Your list is prety log. I am using one one which is really owesome name : login lockdown. It prevent the unnecessory logins to the site.
    Tushar recently posted..How to create friendly URL for your Facebook Fan Pages EasilyMy Profile

  • Mike says:

    No one really understands importance of securing your blog unless your website is hacked at least once. I learned this lesson and now each time I create new website I am rally cautious about security.
    Thanks Ross for tips!
    Mike recently posted..Vocabulary Level E AnswersMy Profile

  • Joe M says:

    Thanks for the plug-in suggestions!

    One thing that an help with securing your WordPress blog is taking advantage of the ability to customize the config.php file, especially the security keys. This will go a long way into securing your WordPress site.
    Joe M recently posted..Some Privacy RequiredMy Profile

  • Linda from RetailMeNot Clone says:

    Hi …The post is really good ….contains lot of useful information will definitely follow your safety tips ..thanks for sharing

  • thanks for sharing this post, i m new in blogging and this post will help me. Thanks again!!!

  • i was used that before!

  • Anonymous
    Twitter:
    says:

    this is some good info, i’ve been looking this plugin for a long time. i got hacked for a several time though -__-
    thanks…! :)

  • Maria says:

    I usually use Akismet to keep my blog away from spam.
    Maria recently posted..White Hello Kitty Iphone 4 case – $7.99My Profile

  • Good tip with Askimet but regarding the security settings I feel a bit lost – it’s quite a learning curve when you start out new.
    Thanks for sharing and I will follow your recommendations
    Christian Hofer recently posted..Passionate Purposefulness – 1My Profile

  • Adrian says:

    I was never thinking about webs security but is time now. I like plugins :) Thanks for that.

  • Mark
    Twitter:
    says:

    Thanks for sharing an Informatic post.
    Mark recently posted..Mirrorless camera: A New Edition in Gadgets Technology Era .My Profile

  • Michael
    Twitter:
    says:

    Thank you for this information. I am just getting started with our blog and I will be sure to look into these 6 plugins. This is an ever growing problem.

  • Raena Lynn
    Twitter:
    says:

    Hi Ross and Niles,

    Thanks for this practical, useful post on blog security. I use two of the plugins listed, and I will definitely check out a couple of the others. Installing the best security plugins are like not having insurance. You don’t pay attention until it’s breached and too late.

    Another parallel is backing up your blog. People create their blogs and do not pay attention to installing a good back up plugin. When there is a glitch or hack and they lose all of their work, all of a sudden it is important. The same is true for security. Protection is a good thing!

    Thanks!

    Raena Lynn
    Raena Lynn recently posted..17 Marketing Problems With Online MarketersMy Profile

  • I actually developed a WordPress site that got hacked. Nothing as serious as the example in the blog. Somehow miles of code was added to this site and it made a page entirely blank. I haven’t logged into the site for months and the client didn’t either. I guess I was lucky it was minor. I will be definitely be checking out the security plugins. I will play around with them to see which one I like the best. Thanks for posting this. It was quite timely for me.
    Brennan Deitsch recently posted..How to Use QR Codes to Market your BusinessMy Profile

  • prashant says:

    I think Akismet is the best plugin.. Nice post It’s help me a lot.
    thanks for sharing.. :)
    prashant recently posted..Galaxy Nexus – Best Samsung smartphone with Android 4.0My Profile

  • Perry Davis
    Twitter:
    says:

    Hello Nile

    Hacker attacks across the web are getting more sophisticated every day. Your reminder that if care is not taken,we might be a victim of these hackers is very helpful. Thanks for this list it contains some plugins that I have not been using but am adding to beef up my security.

    Thanks

    Perry A Davis Jr
    Music City

    • Nile says:

      Outside of being hacked through your WordPress install, you also have server level like Denial of Service attacks. Some people are not really targeting you in particular, but may be having fun or exposing a flaw. I remember a couple different hacks that resulted in immediate patch updates for WordPress within hours of many different sites being infiltrated.

  • I had never considered this but you are right; a hack like the one you highlighted would kill credibility.
    Matt Kinsella recently posted..Paid To PlayMy Profile

    • Nile says:

      Your site’s search results could be hacked and show up to promote inappropriate things. Chris Pearson, who most people in the WordPress community know as the Thesis framework creator had this happen in the past. Since then, he has buckled down on his site’s security.

  • Aman Kashyap says:

    Very informative article Ross! Never used word press due to fear of security. But after reading this article, i just made up my mind to make a blog site. Can i get a tutorial on these plug-ins. New to word-press so obviously new to its plug-ins. Suggest me please.
    Aman Kashyap recently posted..TimeToSpa Coupon & ReviewMy Profile

  • Great plugins Ross,

    The topic of blog security is so often overlooked by people its quite incredible. One plugin you might want to add to your links is “WordPress File Monitor” that allows you to see if any files been changed on server.

    This is something I learned by reading this excellent post on WordPress security and it is very comprehensive: http://www.howtospoter.com/web-20/wordpress/triple-p-of-total-wordpress-security
    Linda Campbell recently posted..Yeast Cures – Yeast Infection No More ReviewMy Profile

  • Robert
    Twitter:
    says:

    I’m glad I came across this article, because protecting my blog is definitely something that’s been on my mind a lot lately. Too many people in my niche have been getting hacked, and I really don’t want to be the next one.

    I was guilty of not getting the API key for Akismet, but for $5/month, why not? I also picked up a few more of the plugins listed, but I did go with a different backup plugin.
    Robert recently posted..How Visual Impact Muscle Building Helped Me Lose 20 PoundsMy Profile

  • jobin says:

    It is very helpful to me this blog…Thank you for all of the advice about securing a wordpress account….Thank you…

    http://www.findghar.com

  • saha
    Twitter:
    says:

    Very useful information for every WordPress blogger. Security is really a big issue now. securing a WordPress site is an ever growing problem. but this info will help.
    saha recently posted..The iPad3 will be available from 16th MarchMy Profile

  • Janyson says:

    Interesting information but I suggest to use the manual techniques to protect a wordpress blog rather then an automatic.

  • Write a comment

    CommentLuv badge