64 Responses

  1. Frank Jonker
    Frank Jonker April 17, 2012 at 19:27 | | Reply

    Great article, ,thanks for the info and shared.

  2. ChefGaby
    ChefGaby April 17, 2012 at 20:37 | | Reply

    Some links to the WordPress plugins section would be nice.
    I also don’t see the point in linking the images to the image itself.
    I searched for the plugins myself, but linking directly to the plugin would be helpful.

  3. Julio Potier (BoiteAWeb)
    Julio Potier (BoiteAWeb) April 18, 2012 at 09:54 | | Reply

    What about a login plugin protection like “BAW More Secure Login” (WordPress official repo) ?
    What so you think about this strong authentication free plugin ?
    See you !

  4. Davide De Maestri (@gleenk)
    Davide De Maestri (@gleenk) April 18, 2012 at 11:51 | | Reply

    Thanks for the list. Unfortunatly some of them are not very updated :( but thanks anyway!

  5. maurizio
    maurizio April 18, 2012 at 14:15 | | Reply

    i would also add “Better WP Security” – http://goo.gl/4cCvx

  6. Jeff
    Jeff April 18, 2012 at 14:58 | | Reply

    OMG! I just activated and set up Bulletproof. Looks amazing! I am stoked. The real test will be watching what my monitoring service does when it scans my site tomorrow. 😉

  7. Piet
    Piet April 18, 2012 at 17:04 | | Reply

    Same as @ChefGaby for this article to be(come) informative it needs links to the plugins mentioned. I tried searching for the first (Blackhole) but couldn’t find anything, so I won’t even bother with the rest!

    1. Piet
      Piet April 18, 2012 at 17:12 | | Reply

      Arghhh & Oops
      Had this window already open since this am and only now had the time to read it and of course I did not refresh the page.
      Seeing the links now, cheers!

  8. Diana Maria
    Diana Maria April 20, 2012 at 09:24 | | Reply

    Preventing the WordPress blog from unsavory characters is not a problem now. These WordPress security plugins help in minimizing attacks from hackers. These snippets of information helped me with respect to the security and so I thought of sharing them with you all.

  9. Gareth
    Gareth April 28, 2012 at 10:41 | | Reply


    I wonder if you can offer some advice on this. I have a blog that for the last 8 weeks has been receiving unwanted subscriptions. The trouble is I don’t know how they are coming through.

    I use feedburner for both my RSS and email sign up. I have removed the contact us form and replaced with email address written out (the @ replaced with at).

    I have updated all of the relevant plugins and version of WP but I am still getting fake signups that go into the membership section as a subscriber (which isn’t where the email subscriptions are recorded).

    I am not a dev person so am struggling. Any thoughts people?

  10. Rawaf
    Rawaf June 20, 2012 at 10:40 | | Reply

    Perfect Article, thank you for the list, I used some them as like WP Security Scan, WP-DBManager, WordPress File Monitor Plus and AskApache Password Protect
    they are good for me
    best regards

  11. 4decor
    4decor July 12, 2012 at 00:16 | | Reply

    Thank you! i’ve been hacked some weeks ago but still lookin’ for any good protection from malware.

  12. Julio Potier (BoiteAWeb)
    Julio Potier (BoiteAWeb) July 12, 2012 at 01:12 | | Reply

    By the way, WordPress Firewall 2 contains 2 huge security issues (XSRF and XSS), so, it will be deactivated soon.
    Keep in touch, i’ll do a “3” 😉

  13. Dyzk
    Dyzk July 22, 2012 at 09:26 | | Reply

    Thank you. Very useful plugin for wordpress security.

  14. Deano
    Deano October 6, 2012 at 02:58 | | Reply

    I like to know if these plugin conflict eachother.
    Or which plugins work together… Anyone?

  15. Daniel Convissor
    Daniel Convissor October 18, 2012 at 14:28 | | Reply

    Take a look at the (relatively new) “Login Security Solution” plugin, http://wordpress.org/extend/plugins/login-security-solution/. The attack monitoring examines user names, passwords and IP addresses. It accommodates IPv6. The password strength requirements provide full support for UTF-8 passwords, even those using alphabets with only one case. Plus it has a full set of unit tests.

  16. Naoufel
    Naoufel January 8, 2013 at 17:06 | | Reply

    thx 😉 good job

  17. Prabhanjam India IT Solutions
    Prabhanjam India IT Solutions January 30, 2013 at 10:12 | | Reply

    Thank u for your list. It’s good..

  18. Fabio Negalanco
    Fabio Negalanco February 20, 2013 at 04:56 | | Reply
  19. Minimalist Design Websites
    Minimalist Design Websites March 16, 2013 at 16:36 | | Reply

    Great list of plugins exactly what i needed as i have created a new wordpress site. i would have been Great if you could advice the pros and cons some plugins. But anyway it is still good source.

  20. 01darkan01
    01darkan01 March 18, 2013 at 14:44 | | Reply

    hi all i’ve code a new antivirus perl based.
    1) found and remove malicious file and if you want make a backup.
    2) found exploitables file and suggest update
    video demonstration

    if someone is interesting to test please contact me
    last few testing and program will be public

  21. GazD
    GazD April 18, 2013 at 12:34 | | Reply

    Hi Jean, nice blog. Thank you. I am currently working through the maze of WP security options trying to work out what to do and use etc. This certainly helps. Bulletproof security was recommended as well as WP Defender. I assume that either will do?

  22. Mahesh
    Mahesh April 18, 2013 at 16:54 | | Reply

    In one of the websites I manage I see lot of attempts to login to the website automatically. Those are from a particular countries and I can also trace out individual IPs from which I was attacked. I banned few countries and few countries from visiting my website. However I don’t think it’s a good method. I see lots of security plugins mentioned in this article. Is there any particular plugin that could be useful in dealing with my situation?

    Thank you

  23. bloggy9
    bloggy9 April 29, 2013 at 05:23 | | Reply

    thanks for the info. Greatly appreciated.

  24. newblogger
    newblogger May 2, 2013 at 02:53 | | Reply

    Has anyone used “Anti Malware”

  25. newblogger
    newblogger May 2, 2013 at 03:04 | | Reply

    http://wordpress.org/extend/plugins/gotmls/ This is the link. It may be called GOTMLS. I really am new.

  26. Robert Black
    Robert Black May 28, 2013 at 13:46 | | Reply

    That’s a great list. As well as BPS I also use Better WP Security and Secure WordPress. Of course one of the most important things is if you have a user name of “admin” change it NOW!

  27. eMail Tips Daily website
    eMail Tips Daily website June 6, 2013 at 22:21 | | Reply

    I came here from another post on the blog: http://www.wpmayor.com/plugin-reviews/best-plugins-to-hide-wordpress at Jean’s recommendation.

    Excellent tool-set collection, Jean!
    And among them there is one I haven’t heard of yet (the AskApache one…) – this is so cool, I have new toys to play with, tonight…

    Thanks again, Jean!

  28. saanvi
    saanvi June 7, 2013 at 09:09 | | Reply

    Great thanks for this wonderful post about WordPress Security Plugins but I install some Plugins in my WordPress blog & due to lot of Plugins my website wasn’t running. It was showing me Server error. so I don’t use very many plugins.

  29. Ayesha Wahidi
    Ayesha Wahidi June 11, 2013 at 18:08 | | Reply

    thank you so much. I was facing security problems with my blog

  30. Eddie Olivas
    Eddie Olivas July 1, 2013 at 08:04 | | Reply

    Thanks for the info! I’ve been having a lot of trouble with “WordPress HTTPS” with one of my client’s sites it was making it way slow. I’m hoping “Better WordPress Security” will be better. I’ll give it a try now thanks again :)

  31. 01darkan01
    01darkan01 July 9, 2013 at 02:22 | | Reply

    finally i’ve release a new free GPL antivirus customize for wordpress
    to download http://wordpress-antivirus.blogfree.net
    for info or other contact me


  32. Maria S. Walker
    Maria S. Walker August 26, 2013 at 13:27 | | Reply

    With the number of threats online, having a security help for our blog is very essential Good thing you posted this very informative article. Now, we are aware of how to secure our blog’s essential data. Thanks a lot for this post and please continue posting more informative articles.

  33. sampath kumar
    sampath kumar September 13, 2013 at 20:32 | | Reply

    Hello Jean,If you were to recommend me the best free security plugin for my blog http://zackable.com what would it be?

  34. Suraj
    Suraj September 19, 2013 at 17:45 | | Reply

    I prefer “Security Ninja”.It’s one of the most secure wordpress plug-in I have used till now.

  35. brian lacouvee
    brian lacouvee April 18, 2014 at 10:43 | | Reply

    Came across your article looking for an alternative to Best WP Security (iThemes Security). Do you have an update to your opinion now that all this mess has happened to them. I am still using their version 3.6.6. I am concerned they have removed some important features in order to offer them with the pro version. I may be completely wrong, but with what has transpired I have to wonder? Do you have a good WP Security plugin alternative to replace iThemes Security at this time?

  36. rayan
    rayan August 5, 2014 at 23:22 | | Reply

    Brian Lacouvee I advise you the plugin WP Security All In One one of Almighty which ravage right now, it’s simple easy to use rich food security, even copying text is protected.

  37. Ulrich Eckardt - Coach
    Ulrich Eckardt - Coach August 31, 2014 at 15:58 | | Reply

    Thanks a lot for these article to make WP safe!

  38. giannisrizos
    giannisrizos November 27, 2014 at 20:19 | | Reply

    what about pruteprotect is antivirus or not??

  39. giannisrizos
    giannisrizos November 27, 2014 at 20:24 | | Reply

    what about pruteprotect is antivirus or not??
    i need anivirus pluggin and firewall please i had just prute protect thank you!!

    1. Chris
      Chris December 1, 2014 at 03:15 | | Reply

      Assuming you mean Bruteprotect, it seems to be only protecting against brute force attacks.

      From what Jean wrote above, Best WP Security includes that function and more… I know this site (http://cheapest-tickets.com) deals with discount concert tickets and has that plugin in place to defend its business. Pretty smart!

  40. supsystic
    supsystic January 15, 2015 at 10:29 | | Reply

    Hi there!
    I find good security plugin and recomend it for you. You can find it from this sites:

  41. gromudarajako
    gromudarajako February 23, 2015 at 11:56 | | Reply

    Looks promising, i like this ”hide wordpress” thing. For me most important is to change login url, bruteforce, and hide wp.

  42. asssssssdasdasd
    asssssssdasdasd May 18, 2015 at 00:07 | | Reply

    where is wordfence?

    1. Mark Zahra
      Mark Zahra June 5, 2015 at 11:46 | | Reply

      Hi, the post has now been updated again, and it now includes Wordfence also :)

  43. vijaygopal
    vijaygopal May 20, 2015 at 05:33 | | Reply

    hi jean. can you tell me absolute tool for my site http://www.techdroop.com. Please suggest me the right one !!

  44. Matthew
    Matthew June 5, 2015 at 22:34 | | Reply

    In installed the following tool and i scanned my WordPress sites for vulnerabilities https://www.rosehosting.com/blog/install-wpscan-on-an-ubuntu-14-04-vps/

  45. Whiteboard Creations
    Whiteboard Creations June 12, 2015 at 15:55 | | Reply

    Jean, we’re avid users of WordFence Free Version, but am going to be investing in the paid version for 1 of our company sites, while the other company site will have BulletProof from AITpro so we can see the difference in the level and depth these 2 big plugins go to protect the WP site.

    Thanks for the write up on more plugins I never heard of. Do any seem clunky to you or do you prefer one over another?

    What security measures do you take and use on this website/blog?

    – Patrick

  46. vizcano
    vizcano June 13, 2015 at 23:03 | | Reply

    Some of them seem to do the same thing… so if i had to choose. One of each kind of protection… which ones would you recommend?… (They need to be easy to set up… i am a wp rookie)
    I have askimet and stop spammers in my wp site.


    1. jenniferwebdeveloper51
      jenniferwebdeveloper51 August 4, 2015 at 06:09 | | Reply

      Hi vizcano,

      Wordfence and All in One WP security Plugins are best but I recommend you to use Wordfence Plugin. You can see the feature comparison chart of WordPress security plugins http://blog.templatetoaster.com/best-5-wordpress-security-plugins/ and see how Wordfence is the best.

  47. Purushottam Kadam
    Purushottam Kadam July 23, 2015 at 23:35 | | Reply

    Excellent post i found here which i am looking for best security plugin
    I have now using Woodfence security plugin for my blog it’s Damm Good and better

  48. Rahul
    Rahul August 6, 2015 at 07:30 | | Reply

    Hi Jean,

    You have missed a great free security plugin called Simple Security Firewall. It is an all in one plugin with any premium feature restriction.

  49. Erik Emanuelli
    Erik Emanuelli August 31, 2015 at 12:22 | | Reply

    Great information, Jean!

    From the ones you mentioned, “Wordfence Security” plugin, I found it a free and great solution to secure blogs and make them faster.
    Tested and happy with it!

    Thanks for the share.

  50. lupomare
    lupomare September 30, 2015 at 06:42 | | Reply

    Very Good Article

  51. Davis Brown
    Davis Brown October 11, 2015 at 22:32 | | Reply

    Great Such a nice collection of security plugins.really nice keep it up with good sharing.To know more 50+ best wordpress Plugins, go to google & search for “blog.templatetoaster” there you will be finding some best wordpress plugins.

Leave a Reply