5 handy WordPress security plug-ins, part 2
by Zeljka Zorz - Friday, 27 November 2009.
If you're one among the millions of users of Wordpress, and you really don't have that much knowledge about what's going on under the hood, your best bet to securing your website is to use plug-ins.



A month ago we presented 5 handy WordPress security plug-ins. Here is 5 more:

1. SecurePress Website Security Analyzer

The SecurePress widget installs enough free features to get you started towards securing your site. The ability to see and record your attacks is an excellent starting point. The reports and statistics available in the dashboard help you to better understand the level and magnitude of these attacks.

You will be alerted instantly of any hacking attempts and will also be able to automatically block (available with the Pro version).



2. Semisecure Login Reimagined

Increases the security of the login process by using a combination of public and secret-key encryption to encrypt the password on the client-side when a user logs in. JavaScript is required to enable encryption. It is most useful for situations where SSL is not available, but the administrator wishes to have some additional security measures in place without sacrificing convenience.

This plugin requires PHP to be compiled with openssl support, which is a pretty standard option for most hosts.

3. GD Press Tools

GD Press Tools is a collection of various administration, seo, maintenance, backup and security related tools. It can be integrated into the various WordPress admin panels, can perform maintenance operations, change some aspects of WordPress, etc. The plugin can also track posts and pages views for various popularity lists.



4. WordPress Exploit Scanner

This plugin searches the files on your website, and the posts and comments tables of your database for anything suspicious. It also examines your list of active plugins for unusual filenames.

It does not remove anything. That is left to the user to do.

5. User Locker

Default Wordpress installation is vulnerable to brute force and dictionary attacks, because there is no limit how many times user can use invalid password before finding the correct one. This plugin closes this security hole by introducing maximum number of invalid login attempts. When someone exceeds this number, his/her account becomes locked, and can be unlocked only by requesting new password (using Lost Password option) or asking Admin for help (he/she can do it too). This makes brute force and dictionary attacks nearly impossible.

You can also disable selected user accounts, so users will not be able to log in even if they will know password. You can use this feature to ban selected users.

Spotlight

How to talk infosec with kids

Posted on 17 September 2014.  |  It's never too early to talk infosec with kids: you simply need the right story. In fact, as cyber professionals itís our duty to teach ALL the kids in our life about technology. If we are to make an impact, we must remember that children needed to be taught about technology on their terms.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Sep 19th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //