What WordPress Plugins Do You Use To Secure Your Blog?

[Dreams]

Hi,

There are so many WP plugins out there. I was hoping to find one plugin. Like an All in One SEO plugin for "securing" your WP blog. Is there such a thing? I just want one plugin that does it all for security. Any recommendations?

Thanks

You do not use any "plug-In" to secure your blog....

James

[Dreams]

Hi James,

Can you tell me what you do to secure your blog?

Thanks

[Jagged]

<hint> Look in James Signature
One of the best WP / Blog Security Softwares around....

Ken

[Dreams]

Duh,

I must be tired. Thanks!

You can mod your .htaccess file to allow admin logins only from your ip / ip range... if you don't know how, ask me.

[Dan Grossman]

You secure your blog by always running only the latest version and using as few plugins as absolutely necessary. Each new plugin could add new avenues for attack. Combine that with a strong, unique password and regular backups and there's really nothing to worry about. Anything you do beyond that is kind of like adding extra padlocks to your front door while leaving the windows open -- just being on shared hosting is more risky to a website than whatever else you could "lock down" in WP.

[rhj12345]

Try "WP Security Scan" Plugin, this one is even talked about in Lock it or Lose It Blog Lock Down, by Craig Desorcy.

[profitgenie]

WP security Scan have never heard of it but if it can help protect my blog i'm in thankyou very much

jamie

[Abledragon]

WP-Security-Scan and Login-Lockdown work well for me.

But I totally support Dan's comments above. And using FTP (instead of SFTP) is another window you're leaving open.

Here's an article on WordPress security that may help:

http://www.wealthydragon.com/blog/20...ten-left-open/

Cheers,

Martin.

[NewBeing]

Try Wordpress Firewall Plugin

WordPress Firewall Plugin » SEO Egghead

[worlok]

Quote:

Originally Posted by NewBeing

Try Wordpress Firewall Plugin

WordPress Firewall Plugin » SEO Egghead

Thanks. This one doesn't interfere with web spider crawling, right? Looks interesting.

[Andy Crofford]

In addition to what everyone else said I also install WordPress into a sub directory of root but configure it so that the blog is accessible at the root domain.

First of all let's get a few things straight here.... I hate bad advice!

1. Wp Security Scan is NOT a security plugin, it does nothing but tell you if you folders permissions are ok and if your admin username is "admin"

2. backup and latest version does not secure you, matter fact you should be running WP before 2.7 (2.6.5 to be exact). Yes you should do backups every night at 12:00AM as you should do with all sites not just WP.

3. locking down the admin username means nothing, blocking the admin to only allow a certain ip means nothing. Hackers do NOT need access to your admin to hack your blog.

FACT! - What does help you be secure is changing the code that hackers have no idea what you changed. WP is open source meaning every single version hackers get ahold of and can see all the coding. If you take and change that coding which is not accessed by hackers then you have 90% greater chance of being secure.

"Plug-Ins" are not going to secure you because the problem is the core coding of WP to begin with.

James

[LegitBlogger]

Quote:

Originally Posted by TheRichJerksNet

First of all let's get a few things straight here.... I hate bad advice!

1. Wp Security Scan is NOT a security plugin, it does nothing but tell you if you folders permissions are ok and if your admin username is "admin"

2. backup and latest version does not secure you, matter fact you should be running WP before 2.7 (2.6.5 to be exact). Yes you should do backups every night at 12:00AM as you should do with all sites not just WP.

3. locking down the admin username means nothing, blocking the admin to only allow a certain ip means nothing. Hackers do NOT need access to your admin to hack your blog.

FACT! - What does help you be secure is changing the code that hackers have no idea what you changed. WP is open source meaning every single version hackers get ahold of and can see all the coding. If you take and change that coding which is not accessed by hackers then you have 90% greater chance of being secure.

"Plug-Ins" are not going to secure you because the problem is the core coding of WP to begin with.

James

Interesting, James. I like the way you made your points
very nicely. It's indeed worth investing in your Wordpress
Secured!

.