Security is the very important aspect for any blog . Blogger users don’t have to worry much about security but if you are using wordpress , then security is vital . If you are good with coding you can manually secure your wordpress blog , but if you are not then there are plugins available . The best wordpress security plugins as per my blogging experience are .
Secure WordPress is a free WordPress plugin from WebsiteDefender that helps secure your WordPress blog by reviewing key security functions. Some of its key security features are
- Remove error-information on login-page
- Add index.php plugin-directory (virtual)
- Add index.html to plugin directory
- Remove the wp-version, except in the admin-area
- Hide wp-version in backend-dashboard for non-admins
- Remove Really Simple Discovery
- Remove Windows Live Writer
- Remove core update information for non-admins
- Remove plugin-update information for non-admins
- Remove theme-update information for non-admins (only WP 2.8 and higher)
- Block bad queries
Better WP Security Provides numerous options to increase the security of your WordPress blog . Its important features are
- Remove the meta “Generator” tag
- Removes login error messages
- Change the urls for backend functions including login, admin, and more
- Limit admin access to specified IP or range of IP addresses
- Ban troublesome bots and other hosts
- Completely turn off the ability to login for a given time period (away mode)
- Prevent brute force attacks by banning hosts and users with too many invalid login attempts
- Display a random version number to non administrative users anywhere version is used (often attached to plugin resources such as scripts and style sheets)
- Remove theme, plugin, and core update notifications from users who do not have permission to update them (useful on multisite installations)10. Remove Windows Live Write header information
- Remove RSD header information1
- Strengthen .htaccess settings
- Enforce strong passwords for all accounts of a configurable minimum role
- Detect attempts to attack your site15. Rename “admin” account16. Security checker
- Change the WordPress database table prefix
- Force SSL for admin pages (on supporting servers)
- Change wp-content path
- Turn off file editing from within WordPress admin area
- Works on multi-site (network) and single site installations
Note: Before making any changes to your blog using the above plugin do backup your wordpress blog .
No comments:
Post a Comment