ArtsAutosBooksBusinessEducationEntertainmentFamilyFashionFoodGamesGenderHealthHolidaysHomeHubPagesPersonal FinancePetsPoliticsReligionSportsTechnologyTravel
  • »
  • Technology»
  • Internet & the Web

Protect Your WordPress Sites: Free WordPress Security Plugins

Updated on April 19, 2012

WordPress is Cheap and Easy to Use

The great thing about using WordPress is that it is like HubPages you don't need a lot of technical knowledge to use the platform and you also don't have to spend any money to use it.

I decided to start publishing my own websites after the Google Panda Slap hit HubPages and the earnings and readership for my hubs dropped. My reason for branching out away from HubPages was to diversify so that all my eggs weren't all in the same basket. Because of this I decided not to move any of the content I already had on HubPages as I believed that my earnings and readership levels would recover and they did.

Basic Protection for WordPress Sites

I've been using WordPress on my sites for well over a year now and I'm very happy using this platform but there is one area which I'd not really given any thought to and that was security.

I'd only taken three very basic steps to protect my sites which were to

  • back up my sites every week
  • ensure I didn't use admin as the username for any of the sites
  • use a computer generated password

WordPress Plug Ins Installed on Recommendations

I'm not going to explain what WordPress is in this hub or what the difference is between and as this hub is aimed at people who are already using WordPress but who may not have installed any security plug ins to protect their sites.

I'm not a techie, I'm just one of these people who pick up bits and pieces of knowledge and information from here and there. The three, free security plug-ins I'm going to tell you about in this article were recommended to me by a friend and I think they were recommended to him by someone else.

Most of the plug ins I've installed have been by recommendation although I have found one or two myself.

The three, free plug ins are:

  • Limit Log In Attempts - 5 out of 5 Star rating
  • Secure WordPress - 4 out of 5 Star rating
  • WordPress Firewall 2 - 4.9(?) out of 5 Star rating

Free WordPress Security Plug In: Limit Log In Attempts

This plug in does exactly what its name infers, it limits unsuccessful log in attempts. Until now I had not realized that WordPress allows unlimited log in attempts which means that it is vulnerable to a brute force attack. This also why it is important to ensure that you do not use admin as your username and you use a strong password.

Limit Log In Attempts blocks an Internet address from making further attempts after a specified limit is reached and it is fully customizable from the Settings page shown below. You decide how many attempts to allow and how long to lock out for. You then have the option to move to a longer lock out after how ever many lock outs you chose. You also decide at what interval retries are reset.

The plug in can also log the number of retries for each IP and send email notifications so that you are aware that your site has been targeted.


Free WordPress Security Plug In: Secure WordPress

This is quite a technical plug in as it works by removing all of the things that a hacker looks for in the code on your website.

I don't pretend to understand all of the features but without this plugin a hacker is able to determine quite a lot of information about your site such as what version of WordPress you have installed and what updates you've made. This information is useful in determining whether you are using a version of WordPress which the hacker knows of a weakness in.

I've included a screenshot of the configuration page below so that the more technically minded can see what it does. I've just kept the default settings!


Free WordPress Security Plug In: WordPress Firewall 2

We are used to the fact that we need a firewall to protect our computers from attack. WordPress Firewall 2 provides the same sort of protection for your WordPress sites.

This plug in is able to stop the most obvious attacks by blacklisting and whitelisting phrases dependent upon which fields the phrases appear.

I've left the settings on the Options page as preset and shown in the screen print below.


What WordPress Plug Ins Do You Use

If you have any WordPress sites why not share details of some of the plug ins that you are using on your sites and why you use them in the Comments below.


    0 of 8192 characters used
    Post Comment

    • Amber Allen profile image

      Amber Allen 5 years ago

      Hi STEVEW13

      I'm glad you've found the information I've provided useful.

      It is quite alarming to see the number of daily hacking attempts on each of my sites.


    • STEVEW13 profile image

      Steve Wright 5 years ago from Norwich, England

      Awesome hub, very insightful and very useful, thank you so much for the tips!

    • Amber Allen profile image

      Amber Allen 5 years ago

      Hi nikkijohntan

      Thanks for reading my hub and commenting.

      Which account has been banned without giving you any explanation?


    • nikkijohntan profile image

      Nikki John 5 years ago from USA

      I think this is one of the best technical post which i had ever seen. This post will surely help me to create an account and make a blog post or start making websites. But 1 question i have that my account is banned without any information. can you suggest me some reasons.

    • Amber Allen profile image

      Amber Allen 5 years ago

      Hi Don

      Thanks for being the first to comment. The ink was hardly dry!

      I learnt a lot about WordPress from YouTube videos but I keep things fairly simple. I did buy a custom theme which makes it easy for me to change layouts and color scheme with some limitations.

      I didn't consider using Blogger because I was told that the ownership of domain name remained with Blogger. I also wanted to be more independent.

      Hopefully as Blogger is owned by Google their security is the best that money can buy but I don't know for sure.


    • Don Simkovich profile image

      Don Simkovich 5 years ago from Pasadena, CA

      What a useful hub, Amber. Voted up and useful. Even though it's "easy" there's still a bit to learn using Wordpress. Do you use basic templates and then customize them? Have you tried Blogger? A Google property. I used blogger which I know people look down their noses on; however, I think it's improved and wonder if it, too, is quite easy to hack.