WordPress Sites are vulnerable and can be attacked by hackers,bots,spams and others. You can use these top 10 WordPress Security Plugins for security purpose of your WP websites.
perform 31+ security tests including brute-force attacks
check your site for security vulnerabilities and holes
checks for Timthumb vulnerability
take preventive measures against attacks
don’t let script kiddies hack your site
prevent 0-day exploit attacks
use included code snippets for quick fixes
extensive help and descriptions of tests included
2) WP Security Manager :
WP Security Manager is a WordPress plugin that provides all in one security solutions to your WP site.
Block malicious IPs automatically & manually.Screenshot
Prevent from keylogging with virtual keyboard. Demo
Hide wp admin and change wp login url.
Bot protectection with captcha in login , register & comment forms.Demo
Protect from brute-force login attack.
Supervise login activities. Screenshot
Alert via email with login attacks. Screenshot
Detect admin and change username.Screenshot
Change the ID on the user with ID 1.
Smart Security Tools is a powerful plugin for improving security of your WordPress powered website. Plugin contains collection of tweaks and tools for extra security protection along with Security Advisor that can help you determine what needs to be done. Plugin includes integration of Sucuri Free Security Scanner (shows malware on the website and blacklisting status on major security related websites). Plugin includes database based Security Log that can log different event types you can use to detemerime problems, potential attacks and exploits, IP’s used for access, referers, user agents… You can ban IP’s from Security Log.
WP Single Login & Security is an easy way to protect your wordpress website, it prevents Simultaneous login & spam login on wordpress, Auto logout user if user is inactive. Auto block I.P address if many failed login attemps. User I.P Address Whitelist wherein you can allow I.P address that can access the website.
WP Single login is ideal for wordpress members, which prevent user using there account simultaneous, like for example giving their access to there friends,relatives etc. this plugin prevent thats. its also ideal for wordpress shopping websites it can prevent user fraud account and at the same time protect your customer account.
Perform security audit with just 1 click!
Test your system against 27 scientifically proven most dangerous WordPress vulnerabilities
Save time and money – unlimited audits
All tests contain form to solve the problem, or a tip how to fix if it is outside range of WordPress
Change database prefix
Bulk fix most important file permissions
Change username and security keys
Secure most important files with .htaccess
Access tools right from top bar
Wordpres Security Question is a wordpress plugin which enables security question feature on registration form. Plugin has zero configuration and start works on a single click. if you make use of a security question as a way of accessing an account if your user lost password, this plugin is perfect suitable for you.
Check for account named admin.
Determines if the default table prefix is being used.
MySQL DB password strength.
MySQL DB username strength.
Looks to see if admin users authenticate over SSL.
Checks to see if the template editor is enabled.
Checks if plugins can be added/edited/removed through the admin.
Checks if WordPress is up to date.
Checks if you are a plugin hoarder.
Database Query analysis
Image analysis checks
File permissions on certain directory’s
Other useful WordPress and Security Hardening information.
Protect your source code from clients and other users and prevent unexpected core updates. For developers who are maintaining WordPress sites and need full control over all source code revisions.
This simple plugin optionally removes the WordPress theme and plugin editors completely to prevent your clients or other users from viewing and modifying your source code. They aren’t simply removed from the menu, they are fully disabled.
Additionally, this plugin optionally removes the “update nag” message at the top of the screen. Authorized users can still update WordPress (via the “Dashboard” > “Updates” screen in your admin area), but the removal of the update message can help reduce the confusion this message can cause among novice WordPress users.
Additionally, you can lock the plugin’s configuration page to a single user to prevent other users from modifying the plugin settings.
BotPlug is designed to help you secure and protect your WordPress website from malicious bots & crawlers and brute-force attacks which rely on making repeated requests.
By slowing down, redirecting and/or blocking requests from IP Addresses which have made an excessive quantity of requests in a short period of time (or by showing them a CAPTCHA to ensure they are human), BotPlug reduces the load on your server from these unwanted visitors – and helps defend you against automated attacks which rely on making a large number of requests.
This Plugin allows to have independent credentials to site. Also, this plugin can restore deleted admin profile. This plugin will be useful for developers, website owners and website managers.
The guarantee of a quick recovery of access to the admin panel in case of some malfunction and/or any unauthorized access to the administrator account.
Saving of time spent on searching of missed access details to the administrator account or on getting the access details that were not provided.
A quick access to the admin panel provided for the developers, website managers for the operational changes, website managing and support.