WordPress is by far the most popular blogging/content management system. The platform is used by millions of webmasters from all over the world.
But, there is a downside to having this kind of popularity: more often than not, it puts a big bulls eye on your back.
WordPress is a target, and hackers are trying to hit it all the time.
You do not want to have your website hacked because it can disrupt your business and cause a huge inconvenience.
Why Hackers Target WordPress
There are various reasons why people want to hack websites. Some of them are:
– to get backlinks to their website,
– to get links to another site,
– to steal your website traffic,
– for free access to content that requires payment,
– to steal registered users email addresses,
– and sometimes, because they think it’s fun.
WordPress already has a certain level of security built into the platform, but it would be wise to take some extra precautions to secure your blog.
5 Plugins to Secure Your WordPress Blog
1. Wordfence Security
Wordfence security is a high quality, totally free security plugin. It has an anti-virus scanner, firewall, and malicious URL scanner built into it.
Wordfence is currently the only security plugin that has the ability to:
– validate and then fix your core, your theme, and all plugin files (it can do all of this whether you have backups or not),
– tell you exactly what changed in your infected files,
– report your traffic in real-time to give you situational awareness, and
– accurately differentiate between human and crawler traffic.
Wordfence for multi-site scans every post and comment across all your blogs from a single admin panel.
After Wordfence is installed, you can set up a list of multiple email addresses to receive security alerts.
Many security plugins are set up to scan daily, but Wordfence scans every hour. It monitors all your pages, comments, and plugins.
Although Wordfence is free, a premium API key is offered that allows you to block specific countries and schedule scans for certain times.
2. WP Security Scan
WP Security Scan looks after your blog by scanning the central components of it. It checks your blog to find security vulnerabilities and then, if necessary, you will be told what corrective actions need to be taken.
The plugin checks for errors in the database, the presence of the tag of the meta tag, and for security, it checks if the a.htaccess file has been placed in the wp admin. It also checks the WordPress version and table prefix to ensure that the WordPress version is hidden.
WP Security Scan will scan the permissions of core files within WordPress folders. It looks for what suggestions were made and the actual permissions that were given.
It also has a built-in checker that will verify whether your password is strong enough or not and make suggestions accordingly.
WP Security Scan does not necessarily need to be activated in order to execute these important security functions.
3. Goggle Authenticator
The Google Authenticator plugin helps secure your blog by providing a two-step authentication process. It works through an app for Android/Blackberry/iPhone.
4. IM Login Dongle
IM Login Dongle is a simple plugin that adds a two step verification process to the login. It does this through instant messenger accounts or Google Authenticator. You have to create an instant messenger account through one of the supported platforms (currently, windows live messenger, icq, and google talk are supported).
5. Hide Your WordPress Version
It’s very important that you hide the version of WordPress that you’re using. Publishing it makes it easier for those with bad intentions by letting them know if you’re using an outdated/non-patched version.
To remove the version from the page, simply delete the readme.html file from the WordPress installation directory.
Upon installation of your WordPress blog, the first user is automatically called admin. You need to create a different user for management of a blog.
Remove the administrator user ID from administrator to subscriber. This provides a boost for your blog’s security.
A second option you have is to create a random user name that can’t be traced to you and that uses your email address to log into WordPress.
There you have it – five great plugins and steps to add extra security to your blog.
Jason Smith is an online consultant for AJ’s Truck & Trailer – cheap trailers for sale . Jason likes blogging about online strategies that are related to SEO, Content, PPC & Lead generation. In his free time he likes to study about web designing and practice Jiu Jitsu.