WordPress Security Plugins report, provides information on the following security plugins like iTheme Security, All In One WP Security & Firewall and more.
Last Updated: May 20, 2020
Latest News: Updated the documentation.
Security is one of the most important factor for websites. WordPress already keeps the platform secured with regular updates, patches and improvements to the CMS. However you the website owner, user or site administrator also need to make sure the site is secured.
In this post you will see a list of the most common and some security plugins I recommend for any WordPress website. Some of these plugins might not work in your environment, so make sure you carry out plenty of tests before you go ahead and install a security plugin and find yourself locked out of your site. Or in some case you might see the famous screen of death “the blank page”. I also recommend that you create a backup before you go ahead and install a security plugin. The following link wordpress-backup-plugins can help you choose the right backup plugin or system.
Information: Always remember to try and not have too many plugins added to your website or blog. The more plugins you add the more request and processing resources it requires to use from your server!!!
Please read the following link Help Support WordPress Plugins And Themes Developers to help support the developers.
Advanced WordPress Security Plugins
Helps protect your WordPress installation from attackers. Hardens standard WordPress security by hiding vital areas of your site, protecting access to important files via htaccess, preventing brute-force login attempts, detecting attack attempts, and more.
Important: This plugin has been downloaded more than 13 million times. There are more than 900 thousand active installations.
You can check my tutorial WordPress iTheme Security Tutorial. It will help you understand and configure the plugin.
Version 7.6.1 | By ithemes, Chris Wiegman, Chris Jean, Matt Danner | Last Updated: December 11, 2019 | Compatible up to WordPress 5.3.2
Website Security Protection: BulletProof Security protects your website against XSS, RFI, CRLF, CSRF, Base64, Code Injection and SQL Injection hacking attempts. One-click .htaccess WordPress security protection. Protects wp-config.php, bb-config.php, php.ini, php5.ini, install.php and readme.html with .htaccess security protection. One-click Website Maintenance Mode (HTTP 503). Additional website security checks: DB errors off, file and folder permissions check… System Info: PHP, MySQL, OS, Server, Memory Usage, IP, SAPI, DNS, Max Upload… Built-in .htaccess file editing, uploading and downloading.
Important: This plugin has been downloaded more than 2 million times.
Version 3.9 | By Edward Alexander | Last Updated: February 8, 2020 | Compatible up to WordPress 5.3.2
A comprehensive, user-friendly, all in one WordPress security and firewall plugin for your site.
Important: This plugin has been downloaded more than 9 million times. There are more than 800 thousand active installations.
You can check my tutorial All In One WP Security Firewall to help you configure this plugin.
Version 4.4.3 | By Tips and Tricks HQ, wpsolutions, Peter Petreski, Ruhul Amin, mbrsolution, Chesio | Last Updated: January 29, 2020 | Compatible up to WordPress 5.3.2
Sucuri Inc. is a globally recognized authority in all matters related to website security, with specialization in WordPress Security.
Important: This plugin has been downloaded more than 3 million times. There are more than 600 thousand active installations.
Version 1.8.24 | By Daniel Cid | Last Updated: February 12, 2020 | Compatible up to WordPress 5.3.2
Intermediate To Advanced WordPress Security Plugins
Wordfence Security is a free enterprise class security plugin that includes a firewall, virus scanning, real-time traffic with geolocation and more.
Important: This plugin has been downloaded more than 105 million times. There are more than 3 million active installations.
Version 7.4.6 | By Mark Maunder | Last Updated: February 12, 2020 |Compatible up to WordPress 5.3.2
Don’t Leave Your Site At Risk
If your site is vulnerable to attack, you’re putting your business and your reputation at serious risk. Getting hacked can mean you’re locked out of your site, client data stolen, your website defaced or offline, and Google will penalise you.
Important: This plugin has been downloaded more than 7 million times.
Version 8.7.0 | By iControlWP | Last Updated: March 14, 2020 | Compatible up to WordPress 5.4
- Run a Complete Scan to automatically remove known security threats and backdoor scripts.
- Firewall block SoakSoak and other malware from exploiting Revolution Slider and other plugins from known vulnerabilites.
- Upgrade vulnerable versions of timthumb scripts.
- Download Definition Updates to protect against new threats.
Important: This plugin has been downloaded more than 2 million times. There are more than 200 thousand active installs.
Version 4.19.50 | By Eli, Anti Malware Admin | Last Updated: December 25, 2019 | Compatible up to WordPress 5.3.2
Beginner To Intermediate WordPress Security Plugins
Simple secure login and user management for WordPress through your Google Apps domain (uses secure OAuth2, and MFA if enabled).
Version 3.3 | By levertechadmin, danlester | Last Updated: December 25, 2019 | Compatible up to WordPress 5.3.2
Google Authenticator for your WordPress blog.
You can read and follow the instructions in my tutorial Google Authenticator Security WordPress
Ian Dunn has developed an additional plugin Google Authenticator Encourage User Activation that compliments this already great plugin. This plugin allows you to encourage or force users to implement Google Authenticator.
Note: The plugin has not been updated since early 2019. However the developer says the reason the plugin has not been updated is because there is no new coded needed yet. You can read more about it in the following forum post. I can confirm the plugins works with WordPress 5.4.1.
Version 0.52 | By Ivan Kruchkoff | Last Updated: May 9, 2019 | Compatible up to WordPress 5.2
You might like to check the following tutorial WordPress Two Factor Authentication Core Files.
Version 0.5.1 | By Ivan Kruchkoff | Last Updated: February 6, 2020 | Compatible up to WordPress 5.3.2
Note: The plugin is GDPR Compliant and supports wide variety of Language Translation
Have a completely Secure login to your WordPress website using this FREE, Simple & very easy to setup plugin. It provides two factor authentication (2FA, MFA) whenever login to your WordPress website ensuring no unauthorised access to your website.
Version 5.4.3 | By miniOrange, twofactor | Last Updated: May 1, 2020 | Compatible up to WordPress 5.4.1
This list will change from time to time and it will grow with more plugins added. Please keep coming back to review the changes and additions.
If you have a questions please let me know
Best WordPress Plugins For Blogs List: