The Best WordPress Security Plugins - HostAsean.com

Our Blog

Latest news and updates from HostAsean

The Best WordPress Security Plugins

Posted by Mr WordPress in Website Security, WordPress 0 Comments

The Best WordPress Security Plugins

When it comes to having a website, one of your main concerns is how to keep it safe, secure, and free from hackers, malware or hijackers. These WordPress security plugins can help you keep your data safe.

We have compiled this short list of our top WordPress security plugins to secure your WordPress website. You can use any or all of them, they all work fine together and each excel in their own specific areas of security. From malware scanning to blocking live attacks, brute-force protection, email alerts, logging traffic and more. These plugins all work great on our website hosting servers and will help you monitor your website and keep it secure.

Stay secure with the best WordPress security plugins:

Install them now and rest easy! All have both free and premium options to suit everyone.


WordFence - One of our recommended WordPress security plugins1. WordPress Security by WordFence

The thing I like most about WordFence is the ability to block traffic and use it like a firewall. You can set limiting rules to automatically block spiders and scraper bots from accessing your site when their traffic or page requests hit a predefined threshold. WordFence also makes login security a priority, with features to lock out invalid usernames and enforce strong passwords. Our only problem with WordFence is that it uses quite a lot of resources, it’s not our first choice for a super fast website. One option you will want to disable is the live traffic view as while it sounds useful, you’ll find this option can significantly slow down your website.

Plugin Website: https://www.wordfence.com/

WordPress Repository: https://wordpress.org/plugins/wordfence/


Sucuri - One of our recommended WordPress security plugins2. Sucuri Security – Auditing, Malware Scanner and Security Hardening

Sucuri can really help toughen up your WordPress website. With a focus on file security and hardening, and cross-checking your WordPress files with the official repository to alert you of any unauthorised modifications. Our favourite part of the plugin is the notifcations – get an email every time a user logs in, updates a post, or changes a setting. Everything is logged in the plugin. We suggest making sure you disable the “IP Address Discoverer” DNS lookups as these can slow down your website.

Plugin Website: https://sucuri.net/

WordPress Repository: https://wordpress.org/plugins/wordfence/


Malware by Eli - One of our recommended WordPress security plugins3. Anti-Malware Security and Brute-Force Firewall by Eli

Often called “Malware by Eli”, this plugin functions similarly to a virus scanner on your computer – but for your website. Scanning with the plugin will check the core files, and also your custom plugins and theme files for any malicious looking code. The plugin has definition updates regularly and can do scheduled scans of your site.

Eli’s WordPress Blog: http://wordpress.ieonly.com/category/my-plugins/anti-malware/

WordPress Repository: https://wordpress.org/plugins/gotmls/


4. Limit Login Attempts Reloaded

Thankfully we now have a new option for brute force protection for the WordPress login. While it isn’t a full suite of security settings like some of the plugins above, this plugin does one thing and does it well. This new plugin replaces two of our old favourite brute force protection plugins – Limit Login Attempts and Login Lockdown which haven’t been updated for 6 and 2 years respectively. The options are simple, set the number of failed logins allowed, lockout time, and logging settings. You can also whitelist and blacklist specific IP addresses and usernames which was not possible in the previous two plugins. It also protects the WooCommerce login page. Overall we recommend installing this to handle your brute force protection.

WordPress Repository: https://wordpress.org/plugins/limit-login-attempts-reloaded/


If you would like to hire our experts to help with your WordPress website security then look no further than our website maintenance & support package.

Mr WordPress
Mr WordPress
WordPress Mechanic at Host Asean Ltd.
We use WordPress every day, and so do many of our customers. We post tips, tricks and WordPress guides on the HostAsean blog to help you put together your own powerful WordPress based website. Subscribe for the latest updates or check back regularly.

Leave a Reply

Your email address will not be published.

HostAsean.com
Website Hosting in Cambodia
sales@hostasean.com