WordPress.org

Ready to get started?Download WordPress

Forums

BulletProof Security
[resolved] Additional security plugin? (10 posts)

  1. borderline11
    Member
    Posted 1 year ago #

    Hi,

    I was wondering if I need any other security plugin in addition to Bulletproof that would work well together without any issues
    I already have Limit Login Attempts, would I need anything else? I'm not very keen on having too many plugins though

    thanks !

    http://wordpress.org/extend/plugins/bulletproof-security/

  2. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    I can't recommend any other Security plugins because I only use BPS, but I am pretty sure that BPS is compatible with all other security plugins. You should always check a plugin's Forum area to see what others are saying about a plugin before installing it. And of course you would want to install the plugin on a Test site/Crash Dummy site before installing it on a Live Production site.

  3. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    Actually I do use the SI CAPTCHA Anti-Spam plugin and it is not only an Anti-Spam plugin - it is actually a security plugin as well.

    https://www.owasp.org/index.php/Testing_for_Captcha_(OWASP-AT-008)

  4. borderline11
    Member
    Posted 1 year ago #

    Even without recommending any in particular... is it necessary to have something else or does Bulletproof covers pretty much everything?

  5. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    Here is the problem with recommending other security plugins. I see some very good ideas that are implemented very poorly (even if it is only a small portion of the coding in a plugin and the rest of the code is fine). So for that reason I will not mention or recommend them. ;)

    You should install a Login protection plugin.
    You should install SI CAPTCHA Anti-Spam.
    You should have a backup plugin installed for disaster recovery.
    Like I said I see some really good ideas in other security plugins, but I am a coder so I always look at a plugin's code first. ;)

  6. borderline11
    Member
    Posted 1 year ago #

    I do have Limit Login Attempts already but I don't have comments on my site, so anti-spam is not really necessary . Also have a backup plugin

  7. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    Do you have a CAPTCHA for your Login page? SI CAPTCHA Anti-Spam allows you to add a CAPTCHA to your Login page. ;)

    A CAPTCHA is a deterrent, but if you are already limiting login attempts then yep you can skip this deterrent.

  8. borderline11
    Member
    Posted 1 year ago #

    well, nobody can register on my site and comments are off so I wouldn't really need a Captcha plugin

  9. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    Yep then the only thing you would have to worry about regarding your Login is Brute Force Password Cracking. Your login protection plugin should take care of that so yeah you can live without a CAPTCHA on your Login page. A CAPTCHA will slow down automated Bot Brute Force Password Cracking programs, but a Login protection plugin also blocks automated Bot and human login attempts. ;)

  10. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    Resolving...

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic

Tags

No tags yet.