A distinct advantage of WordPress is that it has a whole community of very loyal developers who are creating new plugins (add-ons) all the time. Even better, WordPress creators, developers, and users are very diligent when it comes to security. Yes, hackers are fast and smart, but the community as a whole does its very best to stay ahead of the game.
There are a number of security plugins you can use to stop hackers and other threats to your website. We don’t have the space to cover them all, but the ones we’ve listed will go a long way towards keeping your website safe — provided you install and use them!
6 Top WordPress Security Plugins
Plugins for Backups
- WP-DB-Backup – This is a free plugin that will back up your WordPress database. What it will not do is backup your website’s files (PDFs, widgets, themes, plugins, or other HTML files), so you will have to save those separately if you use this plugin.
- Backup Buddy – This is a premium (which means you have to pay for it) plugin that does a whole lot more than the free ones. You can schedule whole site backups (that include site files) daily, weekly, etc. You can also send your backups by email or have them automatically upload to your Amazon S3 account. Backup buddy comes with a software program that lets you easily restore your website or even migrate it to another hosting service.
Plugins For Spam
- Akismet – I’m sure you know that spam is a big problem on blogs. Akismet is the program that comes already installed with WordPress. All you have to do is activate it. However, you will need to get an API key to do so, a key you can get from WordPress.org (for free). Once properly activated, Akismet will filter out your spam comments and send them directly to the trash. It works very well. Akismet is free for most use (blogs making less than $500/mo are considered “personal” use), but there’s a charge for high traffic profitable blogs (“business” use).
Plugins for Login Protection
Brute force attacks on your site attempt to guess your login information by simply trying to log in over and over again. This is done by an automated robot, so it can be very persistent. Of course, your first line of protection is having login information that isn’t easily guessed (admin not named “admin” and a strong password). After that you’ll want to use one of these plugins to temporarily lock out the pesky robot’s computer.
Plugin For Other Security Issues
- Wp Security Scan – This plugin will scan your WordPress passwords, files, database and others to see if there are any known vulnerabilities in your site. It will also suggest corrective action to problems found.
WordPress Plugin Tips
- Stick With WordPress.org – When searching for and downloading plugins you are safest if you stick with WordPress.org. If you get plugins from any other sources or websites be sure you are getting it from a trusted source. Plugins can create vulnerabilities in your WordPress installation and unknowingly allow problems in.
- Keep Them Updated – Good plugin creators will keep their plugins up to date. You will get a notice within your WordPress installation that you need to update your individual plugins. Do this right away!
Protecting your WordPress website is an ongoing process. The worst thing you can do is look at this list, feel overwhelmed and do nothing. Just pick one thing to get started, get that all set, and move on to the next. Or if you just don’t have time to do this yourself, hire a virtual assistant, hand them this post and ask them to do it for you.
WordPress security is important. Hackers or server crashes won’t wait until you make time to get this done. Take a bit of time and get yourself set up with some of these great plugins right away.