You’re a WordPress-based website owner? Have you ever heard about security plugins for WordPress? Let’s have a review with me, shall we?
Important new security plugins were released last year as well as some of the existing plug-ins were updated.
The challenge here is to find the combination which gives you a fully functional security system without any conflicts.
Here’s the winning combination 2013.
Let’s get it started, shall we?
1. Duo Security
Duo Security’s two-factor authentication is a service committed to combating data theft or account takeover.Integrating Duo’s two-factor authentication into your WordPress site is a breeze with the Duo plugin.
Duo Security’s authentication service works on the principle of using two means of identification to protect your WordPress accounts, instead of just a password. As there is a real threat of passwords being guessed or phished, Duo requires admins and users to verify their identities with their mobile phone, hardware token or, in other words, something they have. With this strong mean of identification, your account security is critically improved.
Duo also provides easy setup and usage. No extra hardware or software is needed to install Duo Security; you simply install the Duo plugin, register for Duo’s service and that’s it. After that, all that is left is to select which users the two-factor authentication is applied to (admins, authors, contributors, editors, and/or subscribers). There is no need to set up servers, hardware, user accounts or directory synchronization either.
Upon logging in, your users are given several options of how to authenticate, such as:
- One-tap authentication with Duo’s mobile app (fastest and easiest)
- One-time passcode sent to SMS-enabled phone (no cell coverage is even required for this option)
- One-time passcode generated by Duo’s mobile app (no cell coverage is even required for this option)
- One-time passcode generated by OATH-compliant hardware token
- Phone callback to any phone (both mobile and landline!)
With Duo Security, it takes only a few minutes to better protect your WordPress website!
Make sure only invited guests pop in
This little guy here will act as your bouncer. Only guests are allowed, you know what I mean? This will keep your party from getting out of hand. Really useful if you ask me.
Official Plugin Page: http://wordpress.org/plugins/duo-wordpress/
2. WP Login Security 2
This little plugin here will grant you access to your contents wherever you are. Let’s make this simpler. Imagine you’re having a party. If a guest arrives, they will be asked for their ID, but you can walk straight in. So how is it possible?
Here’s how it work, if you’re trying to login from an unfamiliar IP address, the plugin will send an email to your registered email address, and by clicking on the verification link, you will be allowed in.
Pretty clever, right? This way, even if some figure out your username and password, they can’t do anything.
Official Plugin Page:http://wordpress.org/extend/plugins/wp-login-security-2/
Instructions:WP Login Security 2.
3. Semisecure Login Reimagined
When whispering the secret password to the bouncer, you want to make sure that no one eavesdrop the conversation. So it comes to this.
Eventually, your login information will be sent over SSL when you access your WordPress administration panel. There’s a cost for obtaining a SSL certificate and if you are on a shared server you would also need a dedicated IP address.
This plugin here will encrypt your login info so it is much more difficult for an outsider to steal your credentials.
Official Plugin Page: http://wordpress.org/extend/plugins/semisecure-login-reimagined/.
Instructions:Semisecure Login Reimagined.
4. Login Security Solution
This bouncer will only accept photo ID. And he can check the expiry date, too. Really useful, indeed.
With this plugin, password strength is enforced, password aging is an option, and password resets for all users can be forced. And you can even logout idle sessions automatically.
One more feature: If anyone try to attack using brute force, instead of blocking their IP address, this plugin will only slow down the response time. How is that good for me? Well, you can get your password wrong without having the fear of being blocked, and making brute force attacks almost impossible.
Official Plugin Page:http://wordpress.org/extend/plugins/login-security-solution/.
Instructions:Login Security Solution.
5. WordPress Firewall 2
Firewall, even the name sounds cool. This will act as your house’s wall, making sure no one suspicious sneaks in. Yes, this is a must.
Windows Firewall 2 inspects all incoming traffic to identify if anyone sends you malicious requests or tries to inject data into your database.
Official Plugin Page:http://wordpress.org/extend/plugins/wordpress-firewall-2/.
Instructions:WordPress Firewall 2.
6. Block Bad Queries
This will reinforce your wall even more. More is better right? And yes, internet is a really bad neighborhood.
This little plugin will help filter incoming traffic to stop known bad guys.
Official Plugin Page:http://wordpress.org/extend/plugins/block-bad-queries/.
Instructions:Block Bad Queries.
Keeping Tabs On What Goes On In Your House
This will be your eyes and ears. Imagine having a party, you will want to know who breaks your computer or how much damages they’ve caused. This little guy is more useful than you think.
7. WordPress File Monitor Plus
Let’s go with the party example, again. This will be your security cameras in every room, taping everyone’s actions.
WordPress File Monitor Plus will keep an eye to the changes to your file system. If any files are added, removed, or changed, you will be notified by email. This will come in handy.
Official Plugin Page:http://wordpress.org/extend/plugins/wordpress-file-monitor-plus/.
Instructions:WordPress File Monitor Plus.
8. WP Security Scan
Despite of having a party, you do want some room to be locked and keep away from your guests.
WP Security Scan will… well, scan and make sure everything is in its order. What need to be locked is locked.
Official Plugin Page:http://wordpress.org/extend/plugins/wp-security-scan/.
Instructions:WP Security Scan.
Curing The Hangover
Does what the name suggested. This will act as the cure for the hangover you might have the day after.
9. Update Notifications
Keep your WordPress page up-to-date at all times with this plugin and you won’t see the bulk part of the threats circulating the net. To make it simpler, this will send you an email whenever there’s an update to any of your files, including themes, plugins or even core files.
Official Plugin Page:http://wordpress.org/extend/plugins/update-notifications/.
This plugin will act as a therapist, telling you what your problems are.
Wordfence is one of the newer security plugins. It will compare the plugin, theme, and WordPress core files on your installation with the official version in the WordPress repository. If there are any discrepancies, the plugin will send you an email.
On top of that, it will scan your site for known malwares and viruses. Convenient!
Official Plugin Page:http://wordpress.org/extend/plugins/wordfence/.
11. Sucuri WordPress Security Plugin
If your site is infected by malwares, viruses or anything you could think of, SWSP will clean it for less than it would cost you in coffee. And they will keep your site clean for a year after that.
The WordPress plugin adds a web application firewall and malware file scanning. The web application firewall will communicate with Sucuri servers, so if one site is under attack from certain IP addresses they can be blocked across the network immediately.
Official Plugin Page: This is a premium plugin so it is not found in the WordPress repository.
Instructions:Sucuri WordPress Security Plugin.Source by : problogger.net