Today our plugin of the day is one great & very effective plugin related to WordPress security called “Better WP Security“. If you are using WordPress for your blog or business website, you must take security of your site very seriously.
The easiest, most effective way to secure WordPress. Improve the security of any WordPress site in seconds.
Better WP Security plugin will make sure that your WordPress setup is well secured and you can concentrate on your day to day business or blog activities.
Most WordPress attacks are a result of plugin vulnerabilities, weak passwords, and obsolete software. Better WP Security will hide the places those vulnerabilities live keeping an attacker from learning too much about your site and keeping them away from sensitive areas like login, admin, etc.
What Does Better WP Security Do?
Better WP Security brings in the following changes and makes sure your WordPress site is secured.
- Remove the meta “Generator” tag
- Change the urls for WordPress dashboard including login, admin, and more
- Completely turn off the ability to login for a given time period (away mode)
- Remove theme, plugin, and core update notifications from users who do not have permission to update them
- Remove Windows Live Write header information
- Remove RSD header information
- Rename “admin” account
- Change the ID on the user with ID 1
- Change the WordPress database table prefix
- Change wp-content path
- Removes login error messages
- Display a random version number to non administrative users anywhere version is used
Better WP Security Protection.
- Scan your site to instantly tell where vulnerabilities are and fix them in seconds
- Ban troublesome bots and other hosts
- Ban troublesome user agents
- Prevent brute force attacks by banning hosts and users with too many invalid login attempts
- Strengthen server security
- Enforce strong passwords for all accounts of a configurable minimum role
- Force SSL for admin pages (on supporting servers)
- Force SSL for any page or post (on supporting servers)
- Turn off file editing from within WordPress admin area
- Detect and block numerous attacks to your filesystem and database
Better WP Security Detection
Should all the protection fail Better WP Security will still monitor your site and report attempts to scan it (automatically blocking suspicious users) as well as any changes to the filesystem that might indicate a compromise.
- Detect bots and other attempts to search for vulnerabilities
- Monitor filesystem for unauthorized changes
Better WP Security Recovery
Finally, should the worst happen Better WP Security will make regular backups of your WordPress database (should you choose to do so) allowing you to get back online quickly in the event someone should compromise your site.
Better WP Security Compatibility
- Works on multi-site (network) and single site installations
- Works with Apache, LiteSpeed or NGINX (NGINX will require you to manually edit your virtual host configuration)
- Some features can be problematic if you don’t have enough RAM to support them. All my testing servers allocate 128MB to WordPress and usually don’t have any other plugins installed. I have seen issues with file check and database backups failing on servers with 64MB or less of RAM, particularly if there are many other plugins being used.