The Best Security Plugins for WordPress

Nothing replaces experts protecting your website, but security plugins are a tool to work with. We’ve used most of the popular ones for WordPress and have our favorites.

iThemes Security

Website: ithemes.com
Cost: $80/year 1 website

Pros

iThemes Security has a full set of features that are straight forward to use. Cloud based network monitoring is available to potentially block attacks know from to be coming from IP addresses with a history of bad behavior. The security features did not get in the way of any plugins or themes we were using. Features like 2-factor authentication are a big plus.

Cons

Malware detection uses a simple Sucuri Site Check. There is the ability to detect any file changes, but the changes are not prioritized. We liked Sucuri’s ability to check WordPress core files against a release. It looks like only database backups are offered as part of the plugin. Full backups will require a different solution.

Sucuri

Website: sucuri.net
Cost: $199/year 1 website

Pros

Sucuri is one of the more popular solutions to secure your WordPress website. It offers full proxy protection similar to CloudFlare. We loved the ability to check for WordPress core file changes, the flexibility of alerts, and functions to lock down the installation (hardening).

Cons

At almost $200, the plugin is an expensive option for unattended security. We have found the security proxy does cause performance issues in some instances (if enabled).

WordFence

Website: www.wordfence.com
Cost: $99/year 1 website

Pros

WordFence offers a solution similar to Sucuri. They attach your website to a cloud processing service to determine issues with incoming traffic or existing files. Like iThemes Security, WordFence also offers a 2-factor authentication tool.

Cons

There is a free version of the plugin with limited functionality. Without the paid service, there is limited protection for your website. WordFence also seems to offer less features – like local hardening – than other solutions.

Bulletproof Security

Website: affiliates.ait-pro.com
Cost: $70 unlimited websites

Pros

Bulletproof Security offers a localized tool. If you don’t want to connect to a cloud analysis service, this solution will work. There is extensive features in the Pro version with the ability to satisfy most security guidelines.

Cons

The setup and configuration was daunting. We found that some features prevented the ability for our plugins to function. Testing and monitoring is required. Without a cloud based solution, you cannot take advantage of blocking IP addresses known to be causing issues on other websites.

All in One Security and Firewall

Website: wordpress.org/plugins/all-in-one-wp-security-and-firewall/
Cost: Free

Pros

The dashboard with a security score is helpful. The login lockdown feature is one of the best local solutions we’ve found, preventing brute force attacks. The plugin also covers most well-known WordPress security risks and provides a function to solve them.

Cons

The local firewall was limited compared to the other plugins. Similar to Bulletproof Security, there is not a cloud based monitoring service available.

Recent Posts
0

Start typing and press Enter to search