When you put up your WP site you want to make sure everyone knows about it. Unfortunately, that also means unsavory characters who want to either spam or attack your site. You must take security equally seriously as you do SEO. Popularity requires secure measures. Here are a few of the best available for WP sites.
WebsiteDefender WordPress Security Download
WP Security Scan and Secure WordPress plugins have been merged into one plugin. It not only deals with security issues, but also backs up your database in case a disaster strikes. In fact, it does not actually take care of the security issues. It merely identifies them and notifies you. In this way, it is a big let down. We do not need an adviser, we need a solution.
BulletProof Security Download
The main purpose of this plugin is to protect against injections. It alters the .htaccess file, but you do not have to know anything about how to do that. The plugin does it for you. This offers you a level of security outside of WordPress running. The more layers of security you can make for your blog the stronger it will be against attacks.
Antivirus for WordPress Download
Every site needs an anti-virus program guarding it. This one checks your database tables and themes for injections daily.
Fast Secure Contact Form Download
Contact forms are necessary on every site and spam is ever present, ready to take advantage of those forms. This is a solution that depends on both CAPTCHA and Akismet. So I would not recommend it, since Akismet is a paid solution for e-commerce.
TAC (Theme Authenticity Checker) Download
TAC checks your theme for authenticity. Every file in your theme is examined. Upon discovery of malicious injections it shows the path to the file and a piece of the code, along with the line number. Some are putting out free WP themes with malicious code embedded. This plugin is intended to locate such aberrations.
Login LockDown Download
Put a cap on the number of times any given IP address can try logging in with failures. It puts a halt to brute force attacks. Once the number of failed login attempts has been reached, there is no login available from that IP for a designated period of time. You can customize this period.
Wordfence Download, API Key
This is the only plugin you will need to protect against malicious scrapers, trojans, viruses, malware, and fake bots. It even makes a great defense against brute force attack. It can unbelievably repair the core WP files, theme files and plugins as well. The free version of the API Key does everything except scan and repair themes and plugins. So it is only partially free.
Chap Secure Login Download
If you do not have SSL, you can still secure your login process with this plugin. It uses the SHA-256 algorithm. Forget buying an SSL certificate just to secure a login.
Bad Behavior Download
It works as a security solution against spammers along side other more traditional approaches. It catches the spammers before they have a chance to do anything. This is an amazing plugin and should be added to your tools.
The Final Word
There are many ways to secure a WP website. When considering your security, you should look at many solutions and decide which combination gives you the broadest and strongest security. However, you should also remain mindful of how much these measures may slow down your site. A slower site means a higher risk that people will not wait for pages to load. They may abandon your site before seeing it. So weigh the costs and test the options until you find the right combination for you. Then be adamant about your security measures. Never compromise them or you will regret it.