1. Sucuri WordPress Security Plugin
I was on a webinar this past week with an online security expert. She is a real expert. She makes her living as a security expert. She’s the real deal. She mentioned two WordPress security plugins that every WordPress website owner should install. I’ve been using WordPress exclusively for over 3 years now, and I’ve heard the names of these two WordPress security plugins pop up repeatedly from people in the industry whom I respect.
The first WordPress security plugin is the “Sucuri Security – SiteCheck Malware Scanner”. Here’s the link to that plugin at WordPress.org:
Sucuri SiteCheck will check for malware, spam, blacklisting and other security issues like .htaccess redirects, hidden eval code, etc.
This plugin is completely free.
You can also scan your site for free and learn more about Sucuri at the Sucuri Website.
2. Wordfence WordPress Security Plugin
The Wordfence Security Plugin is another extremely important and helpful WordPress Security plugin. I use the free version although there is a paid version that you can find out more about here: http://wordpress.org/extend/plugins/wordfence/
Here’s the blurb for Wordfence on the WordPress.org website:
[quote] Wordfence Security is a free enterprise class security plugin that includes a firewall, anti-virus scanning, malicious URL scanning and live traffic including crawlers. Wordfence is the only WordPress security plugin that can verify and repair your core, theme and plugin files, even if you don’t have backups. Wordfence Security is full-featured and constantly updated by our team to incorporate the latest security features and to hunt for the newest security threats to your WordPress website.[/quote]
They Tried to Hack My WordPress Site!
I just installed Wordfence security plugin this week and today I got an email letting me know that someone tried more than six times to log into my WordPress Website (Jupiter Jim’s Marketing Team site) without my knowledge or permission.
Here’s part of the email message that Wordfence emailed to me:
[quote]A user with IP address xx.nn.xxx.aa has been locked out from the signing in or using the password recovery form for the following reason: Exceeded the maximum number of login failures which is: 6 User IP: xx.nn.xxx.aa [/quote] (xx.nn.xxx.aa is not the actual IP address that was in the email).
I looked up the IP address and the attack originated from Russia.
While Wordfence did not prevent this attack, it did let me know that someone did try to break into my website. That makes me want to remain extra vigilant about my site security and my password security!
You can learn more about Wordfence by checking out the Wordfence Website.
And you can check out some of the Wordfence reviews here.
In the comments below please leave your experiences with either of these plugins or your experiences with WordPress Security Issues.
This is something we all need to learn more about and be more aware of!
Thanks for sharing!
Article Written by Jim Landers aka “Jupiter Jim”