Support » Plugin: Shield Security: Powerful All-In-One Protection » best security plugin for WP

  • siga75

    (@siga75)


    I tried several ones, this is the only one that it’s really a WAF, and easy to configure
    I have a real reverse proxy/WAF based on nginx/naxsi and another WAF (modsecurity with OWASP conf and on paranoia level 3) embedded on apache. I also have an IPS, based on Suricata, with ETPRO rules. Still Shield Security was able to block some attack attempts that was not detected by the other security layers. This because it’s designed for working with WP, it’s not a generic WAF.

    And I can tell you since I opened a “hack contest” on my site, with $300 of reward, and believe me when I tell you there’s a lot of attack attempts. With no success so far 🙂

    But this plugin have also a lot of other features, it’s not only a WAF, auto update of WP core and plugins is a killing feature since outdated software is the first think to take care, half of the work is done when you software is up to date. IP block based on customizable number of “offences”, I love this feature.

    OTP login: you can enable 2FA with email or google authenticator (any another method I don’t recall, yubi maybe)

    I got the PRO version since it’s cheap and have some nice feature added, but the most important feature are already available for free. It’s the only plugin that do this.

    Support is great, I had an issue that was caused for a bad conf I placed on PHP conf, they quickly and kindly helped to solve the issue

Viewing 1 replies (of 1 total)
  • WordPress is an open-source and the most commonly used platform for many website owners, almost 30% of the websites are built-in WordPress which makes it a target for the hackers.

    Though there are some WordPress security plugins that help to protect your website but finding the best WordPress Security Plugin is a little bit time taking process.

    WordPress usually publishes new updates to patch all the known vulnerabilities, but few third-party themes and plugins make WordPress vulnerable. Sometimes the hackers manage to find some of these vulnerabilities in WordPress that allow them to hack the whole server.

    So, what should a good WordPress Security Plugin provide? According to me a good WordPress Security Plugin should at-least provide the following facilities:

    Firewalls
    File Scanning
    Malware Scanning
    Blacklist Monitoring
    Active Security Monitoring
    Post-hack Action
    Security Hardening
    Brute Force Attack Protection
    Alert / Notifications for when a security threat is detected and so on
    Most worthwhile security plugins have a price tag, but there are a few security plugins among them that come with limited functionality for free. After some research and I have made a list of best WordPress Security Plugin:

    Sucuri Security
    IThemes Security
    Wordfence Security
    WP Fail2ban
    All In One WP Security & Firewall
    Jetpack
    SecuPress
    BulletProof Security
    VaultPress
    Google Authenticator – Two Factor Authentication

Viewing 1 replies (of 1 total)
  • The topic ‘best security plugin for WP’ is closed to new replies.