9 WordPress Security And Anti-Spam Plugins
“WordPress is not safe, beware of the hackers”. These are the words that I heard the most after switching to WordPress. Even though I was already aware of the fact that mane self-hosted WordPress blogs are hacked daily, but after getting so many warnings from the experienced users, I had to mad sure that I would be prepared for any such bad thing.
Thus began my quest for WordPress security plugins. Here’s a list of the ones I am using at the moment, or have used, and some of their alternatives.
1) Wordfence Security
Thanks to Lisa (@Lisapatb) for introducing this awesome plugin to me. The Wordfence Security plugin includes an antivirus, a malicious links scanner, a firewall and a live traffic display showing all the hits to your blog’s server (including all the crawlers and bots). The last feature is the only reason I am using this plugin over any other plugin. And not only that, it can also notify you about any changes to your WordPress files and also about invalid login attempts to your site. Other features include IP blocking, country blocking, Whois lookup. The paid version also has a option to schedule scans.
Link – Wordfence Security
2) Secure WordPress
Secure WordPress does all the basic stuff that you need to be for a wordpress blog, like making your WordPress version invisible, taking away the permission from non-admins to see and update plugins, themes and the core WordPress software. A simple plugin which does the job and can be used with Wordfence
Link – Secure WordPress
3) Better WP Security
This can be a very good alternative to both Wordfence and Secure WordPress. It does all those stuff, plus has got more features like changing your login URL, admin URL etc. It also has a backup and restore function for your database. But doesn’t allow you to backup your database to Dropbox (the feature I am looking for). Nonetheless, it is a complete security plugin. Thanks to Bren (@MyGrlyPrts) for telling me about this plugin.
Link – Better WP Security
Also read : Better WP Security VS Wordfence
4) Stealth Login Page
S the name suggests, this plugin hides your login URL. It creates a custom URL for your login.php page. Users trying to access your normal login.php page will be redirected to some other URL specified by you (for example your site’s URL). So only you will know the actual custom login URL and can access the login page.
(WARNING : Make sure you have noted down your login URL, and you have ticked the “send to Email” option. If you forget the custom URL, you will also be out of your blog)
Link – Stealth Login Page
5) Limit Login Attempts
Another pretty simple plugin which does the job perfectly. It will restrict an IP address to try to login after a specified amount of failed login attempts. This is a standalone plugin, bu if you are using Wordfence, then you don’t need this one.
Link – Limit Login Attempts
Backup And Restore Plugins
It is always a good practice to backup your files and databases regularly. Not only that, you should always backup before making any changes, like theme change, updates etc.
1) UpdraftPlus Backup
UpdraftPlus not only backups all your files and database, but also has a restoration feature. And to add to that, it allows you to backup all the data to your Dropbox, Google Drive, Amazon S3 etc. apart from mailing it. The Dropbox feature sealed the deal for me for the backup plugins.
Link – UpdraftPlus
Another good plugin for backup purposes is the BackWPup. It supports backup to clouds and other options too.
Here is a better guide about BackWPup.
Link – BackWPup
Spam can not only be annoying, but also harmful too. So it’s better to avoid them altogether.
Link – G.A.S.P
2) Minimum Comment Length
Even though this plugin hasn’t been updated for 2 years, but I don’t think that will cause any security concerns, because it is a very simple plugin which sets a minimum number of characters for each comment. Now that’s really handy if you are annoyed by small useless comments on your blog.
Link – Minimum Comment Length
3) CommentLuv +
The only premium plugin that I would have loved to own. It has G.A.S.P built-in, so you won’t have to install G.A.S.P separately. Plus, it has many many other awesome features.
Link – CommentLuv+ (not an affiliate link)
Over To You
So how much are you prepared for any hacking and other malicious attempts? How secured it your blog? How do you tackle all the spam that you get? What about trackbacks? Do you allow trackbacks?
Latest posts by Sourav (see all)
- A Quick Guide To Getting Started With GitHub - December 19, 2013
- Windows Live Writer For Offline Blogging Plus 4 Alternatives - July 26, 2013
- 9 WordPress Security And Anti-Spam Plugins - July 9, 2013