Securing a WordPress installation is certainly not a new topic. A quick Google search will turn up a large number of guides on how to go about doing this. Many of these have great information already but this task can often seem tedious to those that are inexperienced or don’t have a lot of time to spend on it. Given that WordPress is by far the most popular script that our clients use on our servers, I wanted to quickly highlight a couple of plugins that we find very useful in mitigating various issues that we’ve observed.
Better WP Security
The Better WP Security plugin offers a set of very straight forward steps that you can follow to help secure your WordPress installation as you can see below.
Each item is color coded based on its current status and there is a link next to each one that isn’t green which will help you to quickly address that particular item. Not all of these items will be relevant to you or even necessary but most of them are a very good idea to implement.
Stop Spammer Registrations
This Stop Spammers plugin is really quite simple yet very effective. It uses more than 15 different methods to help determine if a particular visitor is a spammer, including lookups to various databases like Stop Forum Spam. This is very helpful in stopping spammer account registrations, spam comments, brute force login attempts, etc. dead in their tracks.
As you can see above, this plugin gives you a nice little status report showing how many spammers you’ve blocked and reasoning, along with a recent activity log. This plugin can save you a great deal of moderating time while also protecting your WordPress from these known bots posting malware infected links, etc.
Again I wanted to keep this short and quickly mention these two very helpful plugins. If you do not currently have similar functionality implemented in your own WordPress installations I would highly recommend installing these. If you have other favorite methods or plugins for securing your WordPress we’d love to hear about them in the comments!