WordPress.org

Ready to get started?Download WordPress

Forums

Which plugin do you prefer for security? (6 posts)

  1. visualeight
    Member
    Posted 1 year ago #

    Hello, I've been using the "better wp security" plugin but was wondering if anyone who has worked with WordPress for a long time and/or runs many sites in WP prefers a different one and why?

    Thanks in advance.

  2. Have a look at this ebook on Code Poet - http://build.codepoet.com/2012/07/10/locking-down-wordpress/

    In there you will find the opinion of 2 (maybe 3, I forget now) of long time WordPress experts talking about what plugins they like and why.

  3. Jesús Franco
    Member
    Posted 1 year ago #

    Actually, I've come to Better WP Security too reading through that ebook on Code Poet ;-) Pretty much of the security measures are supported easily by Better WP Security.

  4. visualeight
    Member
    Posted 1 year ago #

    Thanks for the heads up guys, I'll check out the ebook!

  5. visualeight
    Member
    Posted 1 year ago #

    As a followup question, I've been getting emails telling me about changed/altered files since I installed this plugin. My site was previously hacked and prior to installing this plugin I did the following:

    1. upgraded wordpress to 3.5
    2. changed my login password to a random generated one, listed as "strong" by the wordpress password generator tool.
    3. changed my database password through phpmyadmin
    4. installed "better wp security and changed the database prefixes, got rid of 'admin' as a login name, and a bunch of other items suggested by the plugin.

    If I'm still getting these file change emails, is it possible that someone still has access to my site? There are only 2 registered users now, both of us are admin level and neither of us use 'admin' as login name.

    My next step I'd like to scan my system files for any trojan horses/malware/spyware/etc., any advice on how to go about doing this and any advice on the rest of my above post regarding the better wp security emails notifying me of file changes?

  6. Jesús Franco
    Member
    Posted 1 year ago #

    It's possible somebody is trying to get access through the password recovery. In the sites I run, we use SI Captcha Plugin, and enable it on recovery password form (not in normal login screen). This way we get rid of spammers on this bit.

Topic Closed

This topic has been closed to new replies.

About this Topic