17 December, 2011

Best free plugins to secure your WordPress blog


Security is the very important aspect for any blog .  Blogger users  don’t have to worry much about security but if you are using wordpress , then security is vital . If you are good with coding you can manually secure your wordpress blog , but if you are not  then there are plugins available . The best wordpress security plugins as per my blogging experience are . 
Secure WordPress is a free WordPress plugin from WebsiteDefender that helps secure your WordPress blog by reviewing key security functions. Some of its key security features are
  • Remove error-information on login-page
  • Add index.php plugin-directory (virtual)
  • Add index.html to plugin directory
  • Remove the wp-version, except in the admin-area
  • Hide wp-version in backend-dashboard for non-admins
  • Remove Really Simple Discovery
  • Remove Windows Live Writer
  • Remove core update information for non-admins
  • Remove plugin-update information for non-admins
  • Remove theme-update information for non-admins (only WP 2.8 and higher)
  • Block bad queries
Better WP Security Provides numerous options to increase the security of your WordPress blog . Its important features are
  • Remove the meta “Generator” tag
  • Removes login error messages
  • Change the urls for backend functions including login, admin, and more
  • Limit admin access to specified IP or range of IP addresses
  • Ban troublesome bots and other hosts
  • Completely turn off the ability to login for a given time period (away mode)
  • Prevent brute force attacks by banning hosts and users with too many invalid login attempts
  • Display a random version number to non administrative users anywhere version is used (often attached to plugin resources such as scripts and style sheets)
  • Remove theme, plugin, and core update notifications from users who do not have permission to update them (useful on multisite installations)10. Remove Windows Live Write header information
  • Remove RSD header information1
  • Strengthen .htaccess settings
  • Enforce strong passwords for all accounts of a configurable minimum role
  • Detect attempts to attack your site15. Rename “admin” account16. Security checker
  • Change the WordPress database table prefix
  • Force SSL for admin pages (on supporting servers)
  • Change wp-content path
  • Turn off file editing from within WordPress admin area
  • Works on multi-site (network) and single site installations
wordpress security plugin
Note: Before making any changes to your blog using the above plugin do backup your wordpress blog .

No comments:

Post a Comment