Common Plugins and Tools to use
I have recommended a couple of plugins through out this tutorial but here is a more complete list of some of the WordPress security plugins to get you started:
Scan your site and make recommendations about how to fix security vulnerabilities
A free spam blocking tool that works with other spam blockers like Akismet
Blocks login from an IP address after X number of failed attempts. Includes settings for how long the IP is blocked and how many attempts need to fail
Written by the same author as WP Security Scan. This one implements some of the basic protections such as hiding the username login confirmation, removes WordPress version and even blocks some malicious database queries
Get notified when a file changes in your WordPress install.
TimThumb.php is a PHP script that allows you to resize images dynamically and efficiently. However, it was also a huge security vulnerability. This plugin scans to see if it is used in your theme or any of your plugins. It can also automatically upload an updated more secure timthumb.php file to protect your site.
Theme Checker and Plugin Checker Plugins:
These plugins run the same automated checks as the people at WordPress.org when they are approving themes and plugins for the repositories. Run them on the themes and plugins on your site to see if they comply.
Non-Plugin Security Resources:
This is a free scanning tool you can use to scan and identify infections on your site. You can subscribe to one of their paid plans to have regular scans and help fixing infections.
This should be installed anyways on your site, but it is also a good way to see if your site has been flagged as by Google as infected.
Other Resources for Advanced Readers
[button color=”black” link=”http://www.d2-d.com/contact/”]Need More Help with your Site’s Security?[/button]