WordPress is currently the leader of Content Management Systems (CMS). In fact, according to w3techs, in February of 2017, WordPress had a 58.7% market share compared to other CMS’s like Joomla, Drupal, and Blogger. WordPress is a great solution for just about every industry and company size. According to WordPress.org, some of the most influential sites are powered by the CMS. Examples include The Walt Disney Company, The Chicago Sun-Times, and even Sony Music. Due to these factors and WordPress’s ease of use, it’s easy to overlook one of the most crucial elements of maintaining a website, security.
“In fact, according to w3techs, in February of 2017, WordPress had a 58.7% market share compared to other CMS’s like Joomla, Drupal, and Blogger.”
Here are our top five picks for WordPress security plugins. Before we begin, we do have two disclaimers. One, these plugins all serve different purposes, one of these may or may not cut it in terms of securing your site. Two, we do not assume any liability for how these plugins interact with your site. We did not develop these plugins, nor do we have any connection with them or the developers whatsoever. That being said, let’s review some plugins!
Sucuri Security is a powerful antivirus plugin for WordPress. It provides comprehensive Malware Scans, Hardening, Post-Hack recovery, and much more. While Sucuri offers subscriptions to their full plugin for around $200 a year, their free version does a fantastic job of scanning for malware and sending email alerts whenever someone logs into the admin dashboard. You can download the Sucuri plugin here.
iQ Block Country
Let’s say you installed Sucuri Security and instantly you’re bombarded with emails of failed login attempts to your WordPress website from other countries. What do you do? Simple, block those countries from accessing your WordPress admin dashboard. iQ Block Country uses the GeoLite database from Mixmind to pinpoint where a user is coming from to block potentially unwanted admin logins. This plugin can also be useful for restricting content from being seen in certain countries. Be sure not to block your own country, however! iQ Block Country can be downloaded here.
Simple IP Ban
If blocking entire countries from logging into your admin dashboard is not an option, another great way to prevent malicious attacks is by using Simple IP Ban. This is a simple and easy to use plugin that does exactly what you would think, blocks IP addresses from accessing the site. Although, keep in mind that a simple proxy could allow the user to still access your site, so this method isn’t foolproof by any means. Regardless, it’s a solid plugin that can be downloaded here.
Good news, chances are, this plugin is sitting in your plugins folder right now just waiting to be activated. Akismet is a spam prevention plugin that can dramatically reduce spam on your WordPress site. The nice thing about Akismet is it’s point and click simple. Just activate, set up, and you’re good to go. No further work needed (except for updates, of course ?).
Last but not least, a reCAPTCHA plugin can be a great addition to your WordPress security arsenal. The one featured in the link below allows for setup on your login pages as well as comments. A simple reCAPTCHA form can go a long way in preventing unwanted comments or logins. With reCAPTCHA, you can keep (most of) those pesky bots away! Download a reCAPTCHA plugin here.
What’s your preferred security plugin? Let us know in the comments below! If you liked this post, please share it!