Open source software has its advantages, and we all know that WordPress is open source software. But one word can hurt all of us who use WordPress, and that word is “Open”: it means all that goodness (the code) can be studied to find holes, and if those holes fall into the wrong hands, aka the bad guys, they will find a way to breach your site. The results could be nasty, and we don’t want that!
This is also the season when the bad guys work extra hard to find them. For today’s WordPress Wednesday post, below you will find 6 plugins that can help “patch” up some of the default behaviour of WordPress, and some of them can enhance it even more.
Probably one of the best free WordPress plugins, which also has a paid version. This free, enterprise-class security plugin includes features such as a firewall, anti-virus scanning, mobile sign-in, a scanner that scans for malicious URLs, and live traffic, including logins, so you can see if someone tries to hack the admin end. It can also verify and repair the core, themes and plugins even if you don’t have backups.
Sucuri Security is a free plugin that goes through your website and checks whether you have any malware or spam injections, or have been blacklisted, along with other security issues like .htaccess redirects and hidden eval code. This plugin detects
The free Better WP Security plugin takes the best WordPress security features and techniques and combines them into a single plugin, so that as many security holes as possible are patched without worrying about conflicting features or anything missing from your site.
6Scan Security is a free auto-fix security plugin for your site. It goes beyond the simple rule-based protection found in other WordPress security plugins by employing sophisticated algorithms to find and automatically fix security vulnerabilities. The 6Scan scanner finds and protects your site against attacks such as SQL injection, cross-site scripting (XSS), cross-site request forgery (CSRF), and several DoS conditions.
The free Siri WP Security plugin makes the daunting task of securing your site easy by giving you one-click options to hide the wp-login.php, prevent direct access to many PHP files within the WordPress software, and create your own paths for themes, styles, plugins, admin, uploads and even categories. You can even modify the design of the login page with the plugin, which you probably can’t find in many security plugins.
Smart Security Tools is a powerful paid plugin that costs only $18, but for improving the security of your site it is a must. It contains a collection of tweaks and tools for extra security protection, along with a security advisor that can help you determine what needs to be done. The plugin integrates the free Sucuri security scanner, which shows malware on your site and even blacklisting on major security-related websites, and logs them as well.
Some of the general tweaks and .htaccess tricks that this plugin includes:
- Preventing SQL injections
- Prevent overly long URLs
- Simple registration honeypot
- Remove errors from login screen
- Restrict username length
- Remove WordPress version number
- Prevent browsing of the installation directory
- Disable the Server Signature on server error pages
- Prevent access to WordPress root system files
- Limit body size of a single request and file upload size
- Prevent access to XML-RPC due to Pingback Vulnerability
- Disable Trace and Track request methods
- Blacklist Query Strings, Request Strings & User Agents using listed rules
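
As an added illustration (not the plugin's own rules, and not from the original post), here is how several of the tweaks listed above are commonly written in an Apache 2.4 `.htaccess` file in the WordPress root. The 10 MB body limit, the 2048-character threshold and the query-string pattern are assumed sample values.

```apache
# Added example: Apache 2.4 .htaccess in the WordPress root (assumed layout).
# Place above the "# BEGIN WordPress" block so these rules are evaluated first.

# Prevent browsing of the installation directory
Options -Indexes

# Disable the server signature on server error pages
ServerSignature Off

# Limit body size of a single request / file upload (assumed value: 10 MB)
LimitRequestBody 10485760

# Prevent access to WordPress root system files
<FilesMatch "^(wp-config\.php|readme\.html|license\.txt)$">
    Require all denied
</FilesMatch>

# Prevent access to XML-RPC (pingback)
<Files "xmlrpc.php">
    Require all denied
</Files>

<IfModule mod_rewrite.c>
    RewriteEngine On

    # Disable TRACE and TRACK request methods
    # (TraceEnable Off does the same for TRACE, but only in the main server config)
    RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)$ [NC]
    RewriteRule ^ - [F,L]

    # Reject overly long query strings (assumed threshold: 2048 characters)
    RewriteCond %{QUERY_STRING} ^.{2048,}
    RewriteRule ^ - [F,L]

    # Blacklist query strings (constructed sample pattern, not a complete rule set)
    RewriteCond %{QUERY_STRING} (\.\./|base64_encode\() [NC]
    RewriteRule ^ - [F,L]
</IfModule>
```

These directives only take effect if the server's `AllowOverride` setting permits them in `.htaccess`. Denying `xmlrpc.php` also cuts off any client or plugin that relies on XML-RPC.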