WordPress.org

Ready to get started?Download WordPress

Forums

Can you have "too many" security plugins? (8 posts)

  1. saramcdowell
    Member
    Posted 1 year ago #

    All 4 of my sites were recently hacked and redirected to porn sites. I paid a guy to clean them up and get them back up and all was cool, but now it seems they're getting some htaccess injections. I'm still a newbie at learning the intricacies of all of this, but doing okay so far.

    So can you have too many security plugins installed? I feel as though I have too many and they may conflict with one another. Since I'm not completely comfortable with some of the settings of some of the more advanced plugins, I try something -- if the site still works -- cool.

    Right now I have Better WP Security, WP File Monitor Plus, WP Firewall 2, WP Login Security 2, Wordfence, BackWPup, Block Bad Queries, BulletProof Wp Security

    Overkill? Which ones should I keep? Which should I deactivate and delete? Any that I don't have that I need?

  2. Pioneer Valley Web Design
    Member
    Posted 1 year ago #

    While I have not tested this plugin scenario, I would surmise that these may conflict and also cause severe site performance issues. Best to use one good one or at least consult with each Plugin Dev to ask about know issues with other such plugins.

  3. saramcdowell
    Member
    Posted 1 year ago #

    Thanks, Seacoast, for your reply.

    Is there any agreement among folks as to what the "one good one" is? :)
    Does Wordfence really do it all?

  4. Pioneer Valley Web Design
    Member
    Posted 1 year ago #

    There is not...test locally before deploying.

  5. Adamstar1
    Member
    Posted 1 year ago #

    I would suggest Vault Press as it keeps making automatic backups. Keeping your site secure from hacking is called Hardening. Read about it on wordpress codex and then you can go step by step to install required plugins or add custom code. Not all plugins are compatible. You need to have one for each job.

  6. ThorHammer
    Member
    Posted 1 year ago #

    Also: Search your database (option table) for ftp_credentials. Perhaps someone has full access to your server via your database ... If you are using filezilla this is even more possible.

  7. saramcdowell
    Member
    Posted 1 year ago #

    Thanks, everyone. I shall continue to explore the security plugins. I will look at Vault Press and read the WP Codex on hardening again. I used to use FileZilla, but I deleted all my FTP accounts after my hacking. It is a constant learning curve, isn't it? I really appreciate the community of help.

  8. Haydrion
    Member
    Posted 1 month ago #

    Some security plugins are not working together and have conflicts, a website is never 100% secure, but a backup is important and a security for basic attacks

Topic Closed

This topic has been closed to new replies.

About this Topic