Protect Your WordPress Sites: Free WordPress Security Plugins
WordPress is Cheap and Easy to Use
The great thing about using WordPress is that it is like HubPages you don't need a lot of technical knowledge to use the platform and you also don't have to spend any money to use it.
I decided to start publishing my own websites after the Google Panda Slap hit HubPages and the earnings and readership for my hubs dropped. My reason for branching out away from HubPages was to diversify so that all my eggs weren't all in the same basket. Because of this I decided not to move any of the content I already had on HubPages as I believed that my earnings and readership levels would recover and they did.
Basic Protection for WordPress Sites
I've been using WordPress on my sites for well over a year now and I'm very happy using this platform but there is one area which I'd not really given any thought to and that was security.
I'd only taken three very basic steps to protect my sites which were to
- back up my sites every week
- ensure I didn't use admin as the username for any of the sites
- use a computer generated password
WordPress Plug Ins Installed on Recommendations
I'm not going to explain what WordPress is in this hub or what the difference is between WordPress.com and WordPress.org as this hub is aimed at people who are already using WordPress but who may not have installed any security plug ins to protect their sites.
I'm not a techie, I'm just one of these people who pick up bits and pieces of knowledge and information from here and there. The three, free security plug-ins I'm going to tell you about in this article were recommended to me by a friend and I think they were recommended to him by someone else.
Most of the plug ins I've installed have been by recommendation although I have found one or two myself.
The three, free plug ins are:
- Limit Log In Attempts - 5 out of 5 Star rating
- Secure WordPress - 4 out of 5 Star rating
- WordPress Firewall 2 - 4.9(?) out of 5 Star rating
Free WordPress Security Plug In: Limit Log In Attempts
This plug in does exactly what its name infers, it limits unsuccessful log in attempts. Until now I had not realized that WordPress allows unlimited log in attempts which means that it is vulnerable to a brute force attack. This also why it is important to ensure that you do not use admin as your username and you use a strong password.
Limit Log In Attempts blocks an Internet address from making further attempts after a specified limit is reached and it is fully customizable from the Settings page shown below. You decide how many attempts to allow and how long to lock out for. You then have the option to move to a longer lock out after how ever many lock outs you chose. You also decide at what interval retries are reset.
The plug in can also log the number of retries for each IP and send email notifications so that you are aware that your site has been targeted.
Free WordPress Security Plug In: Secure WordPress
This is quite a technical plug in as it works by removing all of the things that a hacker looks for in the code on your website.
I don't pretend to understand all of the features but without this plugin a hacker is able to determine quite a lot of information about your site such as what version of WordPress you have installed and what updates you've made. This information is useful in determining whether you are using a version of WordPress which the hacker knows of a weakness in.
I've included a screenshot of the configuration page below so that the more technically minded can see what it does. I've just kept the default settings!
Free WordPress Security Plug In: WordPress Firewall 2
We are used to the fact that we need a firewall to protect our computers from attack. WordPress Firewall 2 provides the same sort of protection for your WordPress sites.
This plug in is able to stop the most obvious attacks by blacklisting and whitelisting phrases dependent upon which fields the phrases appear.
I've left the settings on the Options page as preset and shown in the screen print below.
What WordPress Plug Ins Do You Use
If you have any WordPress sites why not share details of some of the plug ins that you are using on your sites and why you use them in the Comments below.