Posted on : 05-05-2013 | By : stargaterich | In : Internet_Marketing
Is WP Security Plug-in Essential?
Following my recent posts on WP attacks by hackers using brute force method, someone wrote me to ask if it is necessary to install WP security plug-in beyond what has been recommended such as using strong WP admin login name and password. Check out my earlier post on the risk of using default WP admin login name and password.
A none harden or minimal secured site is one that do not have additional security measure put in place such as installation of anti intrusion software to deter potential hacking.
No doubt there many vulnerable sites doing fine with no known recorded attacks. However if the hacker so called ‘botnets’ does come across such sites, the rest is history.
Here are 3 free plug-ins that I have installed on several of my money making niche sites. I regularly review the security history logs generated by the installed plug-ins on some of them. It seems of late, that there were increase numerous attempts to login into admin accounts.
Thankfully all the malicious attempts were unsuccessful because of the slow down response mechanism triggered by the plug-in for repeated login failures. My top recommended plug-ins are
- Login Security Solution
If your primary concern is brute force attack, then this is a good solution to consider. It is designed to frustrate hackers by means of increasing the latency time to response to repeated login failures.
- Limit Login Attempts
By default there is no limit on the number of login attempts. This is by far the biggest loop hole that allows brute force attack. Limit Login Attempts prevents an IP from making further login retries after a specified limit on maximum attempt, thus rendering brute-force attack almost impossible.
- Better WP Security
The main benefit of Better WP Security is that some of the major potential security breach loopholes of your WP files are highlighted so that you can take necessary actions to rectify it.
The only shortcoming is that this plug-in is updated quite often so you need to sync up yours frequently.
Quick Wrap Ups
You don’t have to be an expert to make your site less prone to hacker attacks. Most of the WP security related plug-in installation and update is very straightforward. There are many free as well as commercial WordPress security plug-ins that you can quickly leverage on to make your website less vulnerable.
As the saying goes, prevention is better than cure thus make it point and habit to your site CMS (configuration management files such as WordPress software, themes, database and plug-ins) up to date with the latest version or revision.