2009-09-23

9 Best WordPress Security Plugins

via Quick Online Tips by QuickOnlineTips on 7/27/09

Guest post by Srikanth.

Do you know the best security plugins for WordPress? WordPress is one of the most popular blogging platforms; though it comes packed with security features, hackers always looking for vulnerabilities to hack into your blog.

In order to eliminate attacks if not minimize them, here are some of the top WordPress security plugins which will help you in this regard.

1. WP Security Scan
This plugin will scan your entire WordPress installation and will suggest you regarding security vulnerabilities like passwords, database security, file permissions, admin security. It will also hide the version of your WordPress and remove the META tag from the core such that hacking to your WordPress installation would be hard.

2. Secure WordPress
It will help secure WordPress installation by removing miscellaneous items after the installation process which may aid hackers. It will remove error information from the login-page and also remove or change the WP-version data but leave it unchanged in the admin area. It is suggested to remove any unwanted information to the non-admin for security reasons so it will remove update information about plugins, themes and core update information. Secure WordPress will add a blank index.html to the plug-in directory such that if anyone is trying to view the contents of the directory they will be viewing a blank page instead of the contents.

3. WordPress Database Backup
This is the first plug-in to be installed soon after you complete WordPress installation. It will help you backup all your core data and other content of your choice to the destination your choose: hard disk, email or remote server. In the event of crash either by your fault or from hackers, you can restore your WordPress blog from the backup file easily. It is recommended that you use this plug-in for WordPress version 2.0.3 or later.

4. Force SSL
Having a secure SSL connection to communicate with your users is beneficial. To enable this, your site must be SSL enabled first. To implement this, you need to buy the SSL certificate. By installing this plug-in it will force your user browser to connect to your site via a SSL connection. This eliminates any third party attacks between the connection and all the data that is transmitted to and from the site will be encrypted for better security.

5. Chap Secure Login
If you are not having a secure connection like SSL to protect your password , then you can use this plug-in for encrypting passwords. It will use the Chap protocol to hide the passwords and transmit it encrypted. The only information that is transmitted unencrypted is your username. Protecting password will give full security because password leaks will enable the hacker the gain full control of your WordPress blog.

6. Anonymous WordPress Plugin
All the WordPress versions 2.3 and above have the feature to get automatic updates for plugins. During this process it will send some of your information like your blog's URL, version number, list of installed plugins and activated plugins to Wordpress.org. This information could be of potential use for hackers. So to avoid this, installing Anonymous WordPress plug-in is a feasible option. It will strip off your blog's URL and version number and empty the activated plugins list. This plug-in is compatible with WordPress 2.3 and above.

7. Login Encrypt
This will help encrypt the login information using the complex DES and RSA combination. It uses the JavaScript appended and encrypted the password of the user and generates a unique DES key. And by using this key, user can have secure login each time they login to your blog.

8. Admin SSL
This plug-in will work with both the private and shared SSL connections and it will force a SSL connection in every page where password can or has to be entered. It is very helpful to protect the admin area, posts and all the pages of your WordPress installation and secure the login page. This plug-in works on WordPress 2.2 to 2.7.

9. AskApache Password Protect
It will block the bots and creates a safe wall for any vulnerability your WordPress blog may have. It will protect your password as well as your WordPress directories like the wp-includes, wp-content, etc. It is like placing your WordPress blog behind a security wall.

Guest blogger Srikanth writes on Tech Inspiration blog about tips, gadgets, and technology. You can also write a guest articles and share more useful tools you like.

No comments:

Post a Comment

Based on original Visionary template by Justin Tadlock
Visionary Reloaded theme by Blogger Templates

Visionary WordPress Theme by Justin Tadlock Powered by Blogger, state-of-the-art semantic personal publishing platform