8 WP Plugins To Optimize and Secure WordPress From Hackers

April 23, 2011 7 Comments

A secure wordpress, free from malware, where your visitors and customers can feel safe is vital to your online success. Unfortunately, the number of web hacking attacks has risen dramatically. WordPress security is an absolute must. If you do not protect your wordpress, hackers can gain access to your website, modify your web content and plugins, install malware and you can have your site banned from Google.

My Problem Can Be Your Lesson!

So I woke up the other day and saw message on one of my wordpress sites that looked like this:

I wasn’t sure if that was true or not so I immediately emailed my hosting admins to investigate this and meanwhile I clicked “Continue Unprotected” as I needed to go in my wp-admin to do some stuff.

Few hours later, here’s what reply I got from my hosting administrators:

WP Plugins To Protect WordPress From Hackers:

So first thing I did was to upgraded my WordPress blog and ALL the plugins to the latest version. Then I spend the next 4 hours researching to find the BEST plugins when it comes to make my wordpress blog run fast but most importantly to clean and keep my wordpress site protected from malware and hackers!

And here are the WordPress Plugins that solved this serious situation that was going on with my wordpress.

  • Antivirus Plugin for WordPress - AntiVirus for WordPress is a smart and effective solution to protect your blog against exploits and spam injections. AntiVirus protection for your blog.
  • WordPress Firewall Plugin - This WordPress plugin monitors web requests to identify and stop the most obvious attacks.
  • Secure WordPress - Secure WordPress beefs up the security of your WordPress installation by removing error information on login pages, adds index.html to plugin directories, hides the WordPress version and much more.
  • Login LockDown – records the IP address and timestamp of every failed login attempt. If more than a certain number of attempts are detected within a short period of time from the same IP range, then the login function is disabled for all requests from that range. This helps to prevent brute force password discovery.

ADDITIONAL SEURITY STEPS:

  • You need to delete the readme.html file at YOURWORDPRESSURL.com/readme.html
  • Add a blank index page to cover your folders at /wp-content/uploads/
  • Delete or rename the install.php file at /wp-admin/install.php

CREDITS: Special thanks to David Cavanagh for the above critical security steps! :)

WP Plugins To Optimize and Speed-Up WordPress:

  • WP Database Optimizer Plugin – This plugin allows for automated scheduled database optimization. The user can specify (in days) how long in between automated optimizations.

  • Quick Cache Plugin -  Speed up your site ~ BIG Time! – If you care about the speed of your site, Quick Cache is a plugin that you absolutely MUST have installed.
  • Autoptimize Plugin – is a WordPress plugin that speeds up your website, and helps you save bandwidth.

 

WP Plugin To Automate Your WordPress Backups:

A great plugin that automatically makes a backup of your WordPress most important files and settings directly to Amazon S3 is Automatic WordPress Backup. In case you don’t know what’s Amazon S3, it is an extremely cheap storage service that is easy to set up and for pennies a month, you can make sure that your important files will be kept safe.

 

 

John Socratous

My passion and mission is to turn REAL "problems" into REAL "businesses" that will help 1000's of REAL people around the world -- and that's what I do since 2005 in multiple niches! To run my business and manage my team I just need my laptop and an internet connection (and that's what matters!). Sometimes I work from cafes, hotel lobbies or home with (or without) my pijamas. :D

More Posts - Website - Facebook

WordPress

7 Responses to “8 WP Plugins To Optimize and Secure WordPress From Hackers”

  1. Brian Reply April 23, 2011 at 8:35 pm

    Thanks for these great plugins John! I just installed all of them! :)

  2. David Cavanagh Reply April 24, 2011 at 6:46 pm

    John,

    There’s a LOT MORE to do than what you’ve mentioned above, but you’ve still left your blog WIDE OPEN for attacks.

    Have a look at these urls:

    http://www.internetmarketingwizard.com/readme.html

    (You need to delete the readme.html file)

    http://www.internetmarketingwizard.com/wp-content/uploads/

    (No blank index page to cover your folders)

    http://www.internetmarketingwizard.com/wp-admin/install.php

    (You sure you want the install.php file still there?)

    No one can get into your blog by me posting these to you, so don’t feel threatened. If they were going to get you, they’d do it without me posting this John!

    Let me know if I can help you :-)

    David

  3. Hamant Reply September 12, 2011 at 4:24 pm

    Hey John

    I saw that post last week and was going through it and then attended David’s Webinar this morning and it opened my eyes up on security holes
    Thank the both of you for some great insights

    Hamant

  4. Dolftom Reply March 5, 2012 at 11:13 am

    Very nice John, i want to share my experienced too. My wp site also got attacked about a week ago. It using the timthumb.php in my theme to attack. then i read the solutions here :
    http://wpcandy.com/reports/timthumb-security-vulnerability-discovered

    the Free plugin scan is here :
    http://wordpress.org/extend/plugins/timthumb-vulnerability-scanner/

    that’s it, hope it will help, sorry for my bad english.

Leave a Reply