You already know that safety is important, but you may not realize that WordPress How fragile the installation is. According to WP WhiteSecurity, more than 73% WordPress The installation is vulnerable.
And what is the biggest culprit? According to the data of ithemes, that is WordPress The plug-in itself. The second is the core WordPress Installation, because only about 40% WordPress The core installation is up to date. Then, you have to worry about the theme, which also generates a high proportion of attacks. Finally, there are weak passwords, which lead to about 8% of attacks.
The good news is that many security vulnerabilities can be easily detected and prevented by installing security plug-ins on your website. Like others involved WordPress There are many plug-ins here, so finding the most suitable plug-in for your website is the key to maintaining its security.
use WordPress Hosted services keep your plugins up to date
One of the most effective ways to keep your website safe is to ensure that all your plug-ins are always up to date. Of course, this may be a painful lesson, especially when you have many plug-ins.
With a managed WordPress With the trusteeship plan, you don't have to worry about anything. The server team will update for you WordPress And your plug-in, ensure that there will never be any plug-in conflict, which may confuse your website.
Liquid Web is one of our top recommendations. In addition to management WordPress You will also get daily automatic backups, a temporary website, and other exciting development tools, such as SSH, Git, and WP-CLI.
first-class WordPress security plug-in
Wordfence
Wordence is the most popular in the world WordPress One of the security plug-ins, with more than 2 million active installations. They provide a free and advanced security plug-in, including firewall, security scanner and advanced security tools.
Here are some of the features you get in the free version:
Network application firewall
Endpoint website protection without breaking encryption
Malware interceptors can also intercept malicious code and content
Brute force attack protection
Document and subject integrity check
Real time traffic monitoring, monitoring access and hacker attempts
Prevent attackers through IP or set advanced rules
The advanced version of the plug-in provides these additional functions:
Real time firewall rules and malware signature updates
Real time IP blacklist blocking
Can monitor your website to see if it is blacklisted
Two factor authentication (2FA) for all logins.
Please note that Wordence Premium charges an annual license fee for each website that needs to be protected. For those who need to protect multiple websites, this may become quite expensive.
advantage
Network application firewall
Protect websites from violent attacks
Malware Interceptor
Document and topic integrity checking tool
Provide real-time protection and 2FA (advanced).
shortcoming
Need to upgrade for real-time protection
The maximum length of firewall rules and malware signatures in the free version is 30 days.
License fees are required for each installation
This plug-in is most suitable for users looking for comprehensive tools from trustworthy suppliers.
Integrated WP security and firewall
If you are looking for a comprehensive set of security tools, but do not need a license fee, then the All in One WP Security&Firewall plug-in is a plug-in worth considering. The plug-in provides user account and login security, database and file system security, firewall protection and other tools.
Here are some additional functions of the plug-in:
Ability to query suspicious hosts or IP addresses that visit your website
Security scanning tool to check whether your database table has suspicious strings or code injection
Content spam prevention tools, including verification code tools to help prevent spam
Front end text copy protection
Able to delete WordPress Version and generator element information
Can be translated into many languages, such as German, Italian, Swedish, Chinese and Persian
Robust login attack protection
advantage
No license fee
Robust login protection
Available in 11 languages
Content Spam Protection
Protection against code injection
shortcoming
Intermediate or advanced features may not be compatible with some plug-ins
Plug in may collect your IP information
Unable to prevent malware
This plugin is most suitable for those who are looking for a free comprehensive security tool.
Sucuri Security
Sucuri is one of the most trusted names in the security field. It provides a free WordPress The security plug-in is designed to supplement your current security settings. It provides a variety of WordPress Features not available, such as remote malware scanning. The plug-in also provides the following functions:
Blacklist monitoring
Document integrity monitoring
Notify you of security alerts when problems occur
Effective safety reinforcement
An additional function provided by this plug-in is security after hacker attacks, while other plug-ins do not. Now, this sounds counter intuitive, but if your website is damaged in some way, Sucuri will guide you how to repair the most common damaged places. This tool provides a website firewall function, but it needs an advanced upgrade.
advantage
No license fee
Document integrity check
Security Notice
Website blacklist monitoring
Recovery assistance after hacker attacks
shortcoming
Website firewall is an advanced product
Most monitoring is done remotely
Not as comprehensive as some other tools
This plug-in is most suitable for those who want to obtain monitoring tools from a trusted security provider. Because their business is secure, they know what to look for, and you won't get a bunch of unnecessary functions.
