Top Security Plugins For WordPress

Hey WP users, I think it has not been too long when your website was hacked by somebody and you were in a situation where you just couldn’t help yourself. For all those we have help but what if you haven’t been hacked till now? For you all these are some things you should do in order to protect your site.

Lets start with the plugins first :

Login Lockdown

This is a great plugin. One of the best way this protects your site is by stopping brute force attack. That means if a person is trying to hack into your site by using another software or spamming system which will try several times to get it, this plugin won’t let it do it. You can set a limit for how many times a failed login can try and then it would be blocked for some hours.

SSL Certificate

Now this is relatively a vary common name that one has heard about. May be while getting a hosting package or buying a domain name this may have popped up. SSL certificates prove to be one of the most important and the best ways to handle sensitive information on the web. Actually when a person enters any valuable data on the form you have the details go to the server just like plain text so think is somebody has hacked into your servers then its most likely that he/she can gain access to the details. So the SSL certificates do their job here perfectly as they hide the main details by encrypting it.

Chap Secure

I  think this is probably the best way to encrypt some of the secure data for you blog as a lot of people will try to get into your blog(your users/contributors) anyhow and in the process their passwords or other sensible data can be stolen. When you activate this plugin you can easily protect their and your login data as it goes encrypted and can not be stolen.

Ask Apache Password Protect

This is another plugin that I generally ask people to use as this will not only protect your passwords but also lock your Wp-Content folder so no body can dare mess with your themes or plugins.

Please Note : If you enable this plugin you won’t be able to update your plugins or upload new plugins/themes. The best thing I can say here to disable this plugin while uploading /updating.

WP Security Scan

This amazing plugin comes up with a lot of user friendly solutions for all sort of WordPress users who can easily protect their site. The plugin also comes with a free sign up for web Site defender an online tool for scanning your site for security threats and so on.


Functionality Hacks

Well here I don’t have much to say as if I start telling you a lot of things chances are that you might mess up doing a lot of things and finally trapped up into something that will end up you blog. Only some things but do this for sure.

1. Blank Index File

Create a Black index.html file, if you can’t the download it here. Just upload this file to every important place of yours mainly where you have static content. I would recommend uploading this to your Uploads folder, Plugins folder, Themes folder (All found in Wp-Content). If you’re thinking this would be disturbing any of your uploading or updating tasks then it won’t do anything as such, it only would create problems for un-ethical hackers around the world.

2. Hide the Php.Ini File

This is really very simple to do and is also a necessity. Just for your knowledge, all the PHP coded sites(like WordPress) utilize the Php.Ini file for a lot of uses and if that remains open then that may become a great way for hackers to get into your site and create problems for you. I have explained it in the simplest way ever do check it out.

Check Official Post


  • joomlaserviceprovider

    Greetings.We are pleased to announce the release of wSecure. wSecure hides your WordPress admin URL with a special key so that only you can access. The problem with WordPress is that anyone can tell if your site is WordPress by simply typing in the default URL to the administration area (i.e. http://www.yoursite.com/wp-admin). wSecure helps you hide the fact that your website is built with Worpdress from prying eyes.

    Check out wSecure in action here: http://wp.joomlaserviceprovider.com/