There are a few ways they can really gain access to your blog. Technology is getting so advanced that a lot of the hackers don’t have to do hacking themselves anymore they have programs doing it for them. Let’s look at the solutions to use to secure WordPress.
This plugin scans your entire site for security issues and checks passwords, folder/file permissions, database security, WP version hiding and WP admin protection and security. Don’t use if you have a weak heart, you could get a fright.
This is one of the plugins that you should almost have installed before you even think of installing your new theme. This plugin does exactly what the name says it does, it makes a entire backup of your wordpress content and can easily be managed. The content can either be backedup to a harddrive, server or even a email address. If its a hacker that crashes your WP installion or yourself, this plugin will restore it to its previous greatness.
We all know by showing our WP versions we are more likely to be attacked by hackers. This plugins resolves the issue though. If you’re running a older version of wordpress anyone can view the source and then contemplate on what attacks might work against the installed version of wordpress. This plugin replaces the Version cue with a generated string which resolves the issue of showcasing your version.
Some say this plugin is better than Wp Spam free but, I think it all depends on users choice for which plugin they want to use. I just wish there was a way to stop spammers in general, then we wont have to clean out our spam boxes with so much wasted comments everyday.
This plugin secures your WP Admin panel with a very powerful htaccess password protection, preventing all unwanted guests and bots to gain access to your site.
Login Lockdown records the IP address and timestamp of every failed WordPress admin login attempt. After a certain number of attempts that are detected within a short period of time from the same IP range, the login function is disabled for all requests from that range. You can find locked out IP ranges manually from the panel.
A must-have WordPress security plugin (compatible with all versions of WordPress) that protects the vulnerable areas of your blog from outside access with an additional layer of security.
This plug-in will work with both the private and shared SSL connections and it will force a SSL connection in every page where password can or has to be entered. It is very helpful to protect the admin area, posts and all the pages of your WordPress installation and secure the login page.
Stealth Login obfuscates your login page by allowing you to define a custom login page rather than the default wp-login.php. In the event that your password is leaked, the hacker will also have a hard time finding the correct login URL. A good use of this is to prevent any malicious bots from accessing your wp-login.php file and attempting to break in.