There are a few ways they can really gain access to your blog. Technology is getting so advanced that a lot of the hackers don’t have to do hacking themselves anymore they have programs doing it for them. Let’s look at the solutions to use to secure WordPress.
1. WP Security Scan
This plugin scans your entire site for security issues and checks passwords, folder/file permissions, database security, WP version hiding and WP admin protection and security. Don’t use if you have a weak heart, you could get a fright.
2. WordPress Database Backup
This is one of the plugins that you should almost have installed before you even think of installing your new theme. This plugin does exactly what the name says it does, it makes an entire backup of your WordPress content and can easily be managed. The content can either be backed up to a hard drive, server or even an email address. If it’s a hacker that crashes your WP installation or yourself, this plugin will restore it to its previous greatness.
3. Replace WP-Version
We all know by showing our WP versions we are more likely to be attacked by hackers. This plugin resolves the issue though. If you’re running an older version of WordPress anyone can view the source and then contemplate what attacks might work against the installed version of WordPress. This plugin replaces the Version cue with a generated string which resolves the issue of showcasing your version.
Some say this plugin is better than Wp Spam free but, I think it all depends on the user’s choice of which plugin they want to use. I just wish there was a way to stop spammers in general, then we won’t have to clean out our spam boxes with so many wasted comments every day.
5. AskApache Password Protect
This plugin secures your WP Admin panel with very powerful htaccess password protection, preventing all unwanted guests and bots to gain access to your site.
6. Login Lockdown
Login Lockdown records the IP address and timestamp of every failed WordPress admin login attempt. After a certain number of attempts are detected within a short period of time from the same IP range, the login function is disabled for all requests from that range. You can find locked-out IP ranges manually from the panel.
7. Angsuman’s WordPress Guard Plugin
A must-have WordPress security plugin (compatible with all versions of WordPress) that protects the vulnerable areas of your blog from outside access with an additional layer of security.
8. Admin SSL
This plug-in will work with both private and shared SSL connections and it will force an SSL connection on every page where a password can or has to be entered. It is very helpful to protect the admin area, posts and all the pages of your WordPress installation and secure the login page.
9. Stealth Login
Stealth Login obfuscates your login page by allowing you to define a custom login page rather than the default wp-login.php. In the event that your password is leaked, the hacker will also have a hard time finding the correct login URL. Good use of this is to prevent any malicious bots from accessing your wp-login.php file and attempting to break in.