WordPress can make it a lot easier to get your blog posts up and to keep everything organized and looking great. There are security issues, however, with any web technology and WordPress is no exception to that. Here are three plug-ins you can use to enhance the security on your WordPress install. Remember, however, that good security always starts with the user.
Login with More Security
Your password may be strong, but that doesn’t mean that someone can’t find out what it is through social engineering or a hack of some sort. Login Dongle is designed to protect your WordPress installation by offering another layer of security. When you log in, the plug in asks you a security question and keeps your site more security.
There are very good reasons to consider installing this security enhancement. It will, of course, prevent hackers from getting access to your site too easily, but Login Dongle goes beyond that. It also prevents people from hopping on your computer and being able to get into your WordPress administration features by using your saved password. They’ll still have to know the answer to the security question to get in.
Look for Weaknesses
WordPress can be set up to update automatically, as can most WordPress templates. This isn’t something you should rely upon as a complete security solution, however. You’ll want to go further than that in protecting your site and Exploit Scanner offers an additional layer of security by checking for exploits on your comments section, in your database and in your plugins.
Even if you’re making an effort to update regularly, you still could be hanging out there vulnerable to a security exploit that you weren’t even aware of. There’s no complete solution to that problem, but scanning your installation for exploits can reduce the chances that you’re wide open to a particular type of attack.
Change Your Options, with Help
Website Defender has a security scan plugin just for WordPress. This is different than Exploit Scanner in that it looks for common mistakes that people make in their configurations and gives you a chance to change them. It will take a look at your database, check your file permissions, hide the version of WordPress and much more. If you want, you can set it up to work with the WebDefender.com site, which will monitor your site for signs that someone is trying to break into your server.
The plugin can be downloaded from the site linked above.
Adding Security Features
WordPress is well-known and justly praised for making it easy to add features to a site. That convenience extends to far more than adding a few bells and whistles here and there. With these plugins, and others like them, you can up the security on your site and make sure that you’re as safe as possible from hackers and other nefarious types who would love to get access to your server.
There are plenty of WordPress installations out there with lousy passwords on them. If you happen to be the administrator on one of those sites, you need to change that. Rather than trying to think up a password that no one will guess and likely failing, consider using an automatic password generator. You can find one at Strong Password Generator.
The aforementioned plug-ins can do a lot for the security on your WordPress site, but a password is always your first line of defense. Be sure that yours is strong and change it on a regular basis. For the highest levels of security, you may want to consider doing your administrator tasks over a VPN.
Anny Solway is a dedicated writer at ThemeFuse – a web studio that creates original WordPress themes, that can be used out of the box. She loves to share blogging and technology tips.