Protect Your Blog From Being Hacked With Some Good Plugins

Protect Your Blog

Protect Your Blog! It is a tragic thing, but several blogs get hacked every second and once you get hacked, it can be really hazardous to put everything back in order again. So to avoid or minimize that risk I publish a list with some good plugins to protect your blog from being hacked.

I am not an expert on the subject, but after some research around the web I picked out these  WordPress Plugins!

Protect Your Blog

1: Secure WordPress

Secure WordPress beefs up the security of your WordPress installation by removing error information on login pages, adds index.html to plugin directories, hides the WordPress version and are easy to use and will just run in the background for you. The plugin does the following:

  1. Removes error-information on login-page
  2. Adds index.php plugin-directory (virtual)
  3. Removes the wp-version, except in admin-area
  4. Removes Really Simple Discovery
  5. Removes Windows Live Writer
  6. Remove core update information for non-admins
  7. Remove plugin-update information for non-admins
  8. Remove theme-update informationfor non-admins (only WP 2.8 and higher)
  9. Hide wp-version in backend-dashboard for non-admins
  10. Block bad queries

Visit the download site

2. Block Bad Queries (BBQ)

This script checks for excessively long request strings (i.e., greater than 255 characters), as well as the presence of either “evil(” or “base64” in the request URI. These sorts of nefarious requests were implicated in the September 2009 WordPress attacks.

Download the latest version

3. Login Lockdown

Login LockDown records the IP address and timestamp of every failed login attempt. If more than a certain number of attempts are detected within a short period of time from the same IP range, then the login function is disabled for all requests from that range. This helps to prevent brute force password discovery. Currently the plugin defaults to a 1 hour lock out of an IP block after 3 failed login attempts within 5 minutes. This can be modified via the Options panel. Admisitrators can release locked out IP ranges manually from the panel. Compatible up to: 2.8.4 for sure, but it hasn´t been updated for a long time.

Download the latest version

4: WP Security Scan

This plugin scans your WordPress installation for security vulnerabilities and suggests corrective actions:

  1. Passwords
  2. File permissions
  3. Database security
  4. Version hiding
  5. WordPress admin protection/security

Visit the download site

Better WP Security

As most WordPress attacks are a result of plugin vulnerabilities, weak passwords, and obsolete software. Better WP Security will hide the places those vulnerabilities live keeping an attacker from learning too much about your site and keeping them away from sensitive areas like login, admin, etc. It has a very high ranking and I have it installed on my site.

  • Remove the meta “Generator” tag
  • Change the urls for WordPress dashboard including login, admin, and more
  • Completely turn off the ability to login for a given time period (away mode)
  • Remove theme, plugin, and core update notifications from users who do not have permission to update them
  • Remove Windows Live Write header information
  • Remove RSD header information
  • Rename “admin” account
  • Change the WordPress database table prefix
  • Change wp-content path
  • Removes login error messages
  • Display a random version number to non administrative users anywhere version is used

Go to download site


Written by Jonny

Hi! I am the author and publisher of this site. Please feel free to comment the articles and don´t forget to share the articles!

Leave a Reply

Your email address will not be published. Required fields are marked *