17 {{ upvoteCount | shortNum }}
17 {{ upvoteCount | shortNum }}

WordPress Hacked - What is the Best Easy Security Plugin?

by dsouravs
14 replies
  • WEB DESIGN
    • |
Hello,
Recently a very new site (WP) I did was hacked by Bangladeshi Army Hackers.
I did everything fresh again and now I need a good but easy security plugin.

I installed Bulletproof plugin but seems to complicated.

Can you tell a good security plugin whose options are quite easy.

Thank you.
#easy #hacked #plugin #security #wordpress
  • Profile picture of the author Kezz
    It's perhaps not what you want to hear, but you would really benefit from sticking with Bulletproof.

    It's actually not as complicated as it looks once you set it up a couple of times.

    There's a lot of different labels, but the actual process boils down to just this:
    1. Backup your .htaccess file
    2. Create the two new ones it makes for you
    3. Activate the four "Bulletproof Security Mode" options they make available
    4. Do another backup of all the new .htaccess files
    I also recommend:

    Secure WordPress
    WordPress › Secure WordPress « WordPress Plugins

    Semisecure Login Reimagined
    WordPress › Semisecure Login Reimagined « WordPress Plugins

    Bad Behaviour
    WordPress › Bad Behavior « WordPress Plugins
    {{ DiscussionBoard.errors[6674694].message }}
    • Profile picture of the author dsouravs
      Originally Posted by Kezz View Post

      It's perhaps not what you want to hear, but you would really benefit from sticking with Bulletproof.

      It's actually not as complicated as it looks once you set it up a couple of times.

      There's a lot of different labels, but the actual process boils down to just this:
      1. Backup your .htaccess file
      2. Create the two new ones it makes for you
      3. Activate the four "Bulletproof Security Mode" options they make available
      4. Do another backup of all the new .htaccess files
      I also recommend:

      Secure WordPress
      WordPress › Secure WordPress « WordPress Plugins

      Semisecure Login Reimagined
      WordPress › Semisecure Login Reimagined « WordPress Plugins

      Bad Behaviour
      WordPress › Bad Behavior « WordPress Plugins
      Thank you.
      I see you are also from Australia. The client whose site got hacked is also from Australia

      Thankyou
      Signature

      I can convert your Non-Responsive website to Responsive website ... How sweet is that? :)

      {{ DiscussionBoard.errors[6674987].message }}
    • Profile picture of the author vCr8
      Thanks Kezz. This came just in time. Very nicely put too.

      Originally Posted by Kezz View Post

      It's perhaps not what you want to hear, but you would really benefit from sticking with Bulletproof.

      It's actually not as complicated as it looks once you set it up a couple of times.

      There's a lot of different labels, but the actual process boils down to just this:
      1. Backup your .htaccess file
      2. Create the two new ones it makes for you
      3. Activate the four "Bulletproof Security Mode" options they make available
      4. Do another backup of all the new .htaccess files
      I also recommend:

      Secure WordPress
      WordPress › Secure WordPress « WordPress Plugins

      Semisecure Login Reimagined
      WordPress › Semisecure Login Reimagined « WordPress Plugins

      Bad Behaviour
      WordPress › Bad Behavior « WordPress Plugins
      {{ DiscussionBoard.errors[6675523].message }}
    • Profile picture of the author DJL
      Originally Posted by Kezz View Post

      It's perhaps not what you want to hear, but you would really benefit from sticking with Bulletproof.

      It's actually not as complicated as it looks once you set it up a couple of times.

      There's a lot of different labels, but the actual process boils down to just this:
      1. Backup your .htaccess file
      2. Create the two new ones it makes for you
      3. Activate the four "Bulletproof Security Mode" options they make available
      4. Do another backup of all the new .htaccess files
      I also recommend:

      Secure WordPress
      WordPress › Secure WordPress « WordPress Plugins

      Semisecure Login Reimagined
      WordPress › Semisecure Login Reimagined « WordPress Plugins

      Bad Behaviour
      WordPress › Bad Behavior « WordPress Plugins
      @Kezz,
      Do you recommend installing all four of the above?
      Also, what about WordPress Firewall? Would it be redundant?
      Signature

      None are more hopelessly enslaved than those who falsely believe they are free.
      --Johann Wolfgang von Goethe, Elective Affinities (1809)

      {{ DiscussionBoard.errors[6676593].message }}
  • Profile picture of the author seni2com
    Hello ;Just Backup your files or your sql Database from your Panel ,
    {{ DiscussionBoard.errors[6675513].message }}
  • Profile picture of the author JCTorpey
    When my site was hacked, I used Sucuri.net, and still do. The company ofers malware/hack removal specifically for WordPress sites, and continous monitoring for a decent price per year. Its $89 for one site per year, and I think $120 something for up to five sites per year. I experienced that damn persistent htaccess hack, and Sucuri fixed it in less than an hour. Good luck

    With all the affiliate link mean-ness going around lately, I don't want to add mine here because I am unsure of the rules on affiliate links, but if anyone wants to sign up with Sucuri and feel like using my link, PM me and I'll send it. Thanks!
    Signature

    JC Torpey ~ Freelance Writer for Hire
    Read samples and view my portfolio @ Virtual Copy
    Read the VCopy Blog before Sept. 30 and get a discount off all services

    {{ DiscussionBoard.errors[6676655].message }}
  • Profile picture of the author CyberSEO
    Make sure to read these 10 security tips: 10 WordPress security tips that could save your site | CodeForest - web development and programming blog

    Also don't use those WP themes that include old versions of the TimThumb script because it's an easiest way to upload shell to your host. This is very important advice because many rather new premium themes have this vulnerability.
    Signature
    CyberSEO Pro - the ultimate all-in-one autoblogging WordPress plugin, powered by OpenAI GPT-4, Anthropic Claude, Google Gemini Pro, Midjourney, DALL-E 3 and Stable Diffusion XL
    {{ DiscussionBoard.errors[6676915].message }}
  • Profile picture of the author webalfie
    I use WP Security. Seems to have a good deal of options.

    My site was hacked a few months ago and really screwed me up. Since I had over 20 websites on the same hosting account, once one was hacked...they all were.

    Since then I'm really trying to space my websites over multiple hosting accounts to prevent this. Once one hacker gets into your account, they can wreak havoc on all your websites.
    {{ DiscussionBoard.errors[6677045].message }}
  • Profile picture of the author andersvinther
    Sucuri.net are good for cleaning up your site...

    Also you can check the WordPress Security Checklist that I've written... should tighten up your site to prevent it from happening again... see The WordPress Security Checklist
    {{ DiscussionBoard.errors[6723502].message }}
  • Profile picture of the author Leveragist
    Limit Login Attempts is a MUST-HAVE:
    WordPress › Limit Login Attempts « WordPress Plugins

    Before installing this plugin, my sites were hacked. After installation? Not once!
    {{ DiscussionBoard.errors[6723623].message }}
  • Profile picture of the author Kingfish85
    Installing all of these plugins is not a good idea. Most people have no idea that 95% of their problems stem from plugins.

    If you're having major security problems, I'd recommend consulting a security professional, not just installing a bunch of plugins.

    2 of the plugins mentioned are not even supported any longer. THAT is a major concern.
    Signature

    |~| VeeroTech Hosting - sales @ veerotech.net
    |~| High Performance CloudLinux & LiteSpeed Powered Web Hosting
    |~| cPanel & WHM - Softaculous - Website Builder - R1Soft - SpamExperts
    |~| Visit us @veerotech Facebook - Twitter - LinkedIn

    {{ DiscussionBoard.errors[6723683].message }}
  • Profile picture of the author Chris Thompson
    Exactly as Kingfish said - plugins are a security risk so use them sparsely when needed only.

    See this podcast along with the notes:
    http://blog.outsourcefactor.com/podc...urity-podcast/

    Especially do the "homework" from that podcast so you can be comfortable dealing with hacks.
    {{ DiscussionBoard.errors[6723823].message }}
  • Profile picture of the author zombiehunter
    Banned
    I have used successfully the following:
    Limit Login Attempts
    Secure WordPress
    They are both free. If that is the route you want to go.

    If you don't mind paying then Bulletproof, is the best IMHO.
    {{ DiscussionBoard.errors[6812716].message }}
  • Profile picture of the author andersvinther
    Be aware also that WordPress Security is not just about security plugins.

    You also need to think about how you access your hosting account (SFTP), how you manage your passwords, securing your local computer and many other things...

    For the full picture have a read of The WordPress Security Checklist...
    {{ DiscussionBoard.errors[6823046].message }}

Trending Topics