The Best Plugins to Make Your WordPress Blog Secure
Chances are that if you run a blog, it will be on WordPress – but how do you make your WordPress blog secure?
WordPress is used by nearly 20% of the published websites globally. Unfortunately the popularity of WordPress means that it’s a target for hackers. Many bloggers won’t even know that their website has been compromised, and in some circumstances won’t know until it’s too late – they will lose their entire blog. Thankfully there are some precautions you can take with some ready-made plugins to help make your WordPress blog more secure.
Here are IT Support London HQ’s top suggestions on which ones you need to install and why:
Login Lockdown - http://wordpress.org/extend/plugins/login-lockdown
Some hackers will try to login to your blog using the WP-Admin page. You can make yours more secure with the Login Lockdown plugin. This will let you specify how many login attempts you will let your blog accept from an individual IP address until it locks that user out for a specified length of time. We always set ours to 5 failed login attempts over a 24 hour period.
WP-DB-Backup - http://wordpress.org/extend/plugins/wp-db-backup
It’s not just hackers that can ruin your blog. We’ve had lots of customers who have tried to make a back-end database change with tragic results. If you want to protect the WordPress database with all your content from hackers, or your own mistakes, install the WP-DB-Backup plugin. This will save a copy of all your content intermittently so you can always roll back to a previous version of the website if you need to.
WP Security Scan - http://wordpress.org/extend/plugins/wp-security-scan
This neat little plugin will scan your WordPress set-up for any known security vulnerabilities that have not yet been addressed with the latest WordPress software update. If it finds a security hole it will tell you what action you need to take in order to fix it.
AntiVirus - http://wordpress.org/extend/plugins/antivirus
The AntiVirus plugin does exactly what it says on the tin. It will check for commonly known worms, malware and viruses attacking your WordPress blog and will warn you against them via an admin email. You can then take the suggested preventative action.
WordPress File Monitor – http://wordpress.org/extend/plugins/wordpress-file-monitor
This plugin will scan your WordPress site daily to check for any added or changed files. It will then email you. Chances are you will have made the change yourself, but if you see anything suspicious that you did not change or upload then it could be the sign of your blog being accessed by a third party without your consent.
WordPress Firewall - http://wordpress.org/extend/plugins/wordpress-firewall
WordPress Firewall lets you add additional security features that would normally need to be configured by an IT support company, or your hosting provider, on the server where your WordPress blog is installed. Just gives you an extra layer of security and control over your website.
Final Words – Make Sure You Update WordPress!
My final piece of advice, and probably the most important of all is that WordPress regular updates its software. This isn’t typically to include new functionality, but is instead a patch to fix any security issues. Hackers are always trying to hack WordPress websites, which means the software developers need to be constantly one step ahead. When you login to WordPress you might see the prompt seen in the image below. Always, always, update. That way you can be sure you are running the most secure version of WordPress and reduce the chances of having your blog compromised.
Author Credits: This guide to WordPress security was written by the team at the IT Support London HQ. They are one of the leading tech support companies in London. If you would like their help with any IT problems and issues you might have including remote IT support then please visit their website.
Top Mistakes to Make on Your Blog that Make you seem Less Professional
