WordPress Security Plugins.

Security plugin list


Plugins for wordpress are a must. And I use a bunch from Yoast’s SEO plugin and Google Analytics Plugin to WP Super Cache. They all have their place in keeping my sites loading fast and being able to quickly identify and diagnose problems.

But today I’d like to talk security.

I use three primary (and free) plugins for this (amongst other things I do to the server).


  1. Limit Login Attempts
  2. Sucuri Security
  3. UpdraftPlus

Limit Login Attempts Plugin

Limit Login Attempts


Hasn’t been updated in 3 years, but from what I’ve been told it doesn’t need to be. It’s so simple it doesn’t need to be. I’m no security expert, and the 1,100+ lines of code are too complex for me to easily follow, but I believe those that are. You can also scan the lock out logs to find out who was locked out recently… you’ll often find admin, administrator, wordpress and other common names being used to attack your website. So that should reinforce the need to change your default usernames.

Sucuri Security Plugin

Sucuri Security


Is a great plugin to help audit and shore up your WP security. Once installed, you can run it like a virus/malware checker to see if any of your WP files are corrupted. Then you can go to hardening and fix many of the holes in your security (Website Firewall protection

needs a subscription). You can also have it update your security keys, passwords and plugins all from a single page each. It also keeps a log of your most recent logins, which you can check for abnormalities. There’s even more and with this being free and regularly updated, it is by far one of the best tools in my belt.

UpdraftPlus Backup and Restoration



While not strictly a security plugin, Updraft plus is a backup, migration and recovery plugin that is critical to your tool belt.

It allows you to backup your website whenever you want. I recommend before you update your plugins and to set up a regular auto backup schedule.  And it will backup to any of your storage solutions from Google Drive, Dropbox, Amazon, FTP, or even through email.

And it also makes migration a simple task, by letting you upload a backup and having it do all the hard work.

So there you have 3 great plugins for security. What do you do to secure your website? Have you ever had a data loss or hack?


Leave a Reply

Your email address will not be published.