1) AskApache Password Protect
This plugin adds some serious password protection to your WordPress Blog's admin directory. It adds a 2nd layer of security to your blog by requiring a username and password to access anything in the /wp-admin/ folder.
The plugin is simple, you just choose a username and password and you are done. It writes the .htaccess file, without messing it up. It also encrypts your password and creates the .htpasswd file, as well as setting the correct security-enhanced file permissions on both. This plugin automatically picks all the right settings for where to save the .htpasswd and .htaccess files, but you can easily change those settings to anything you want. You can change it whenever you want right from your WordPress Admin Panel.
2) Force SSL
This plugin will force HTTPS connections for security purposes. Of course, you will need a web server "equipped" with a proper SSL certificate to use it. Force SSL works by redirecting any requests for pages via http to https, so no one will be able to access the contest through an insecure http connection.
3) Secure Files
This WordPress plugin allows you to upload and download documents that are, because of security purposes, stored outside of your web document root.
Secure Files works by allowing you to create a directory that is outside of your web document root and to upload/download files from it directly from within the WordPress Administrative Interface.
4) Login LockDown
Login LockDown records the IP address and timestamp of every failed WordPress login attempt. If more than a certain number of attempts are detected within a short period of time from the same IP range, then the login function is disabled for all requests from that range.
This helps to prevent brute force password discovery. Currently the plugin defaults to a 1 hour lock out of an IP block after 3 failed login attempts within 5 minutes. This can be modified via the Options panel. Administrators can release locked out IP ranges manually from the panel.
5) Secure Form Mailer Plugin For Wordpress
This is the WordPress plugin version of an already existing PHP form mailer script. This plugin has a wide range of features including: Support for multiple instances, an easy to use dynamic form generation system (any number of fields, in any order), multiple recipients, multiple file attachments, optional auto reply feature, an image verification system, numerous security features (including protection against email header injection), a message template system, multiple languages, and too many other things to list.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.