WordPress security

Facebooktwittergoogle_plusmail

Over the weekend I saw this post about some recent attacks on WordPress sites and verifying WordPress security is enabled. I thought for a moment about adding a password limit plugin when I remembered that I had installed WordFence which actually includes an incorrect password limiting feature. There are a ton of other options to go through with WordFence but here are some of the basic features included in the free version.

WordFence WordPress Security home page
                       WordFence home page

WordFence WordPress Security Features

WordPress Security Scans

WordFence WordPress Security Settings; Firewall and Login Security
Settings; Firewall and Login Security

WordFence runs several security scans on your WordPress site. Scans include:

  • Password strength
  • Out-of-date plugins, themes and WordPress versions
  • Posts for known dangerous URLs and suspicious content
  • Files outside your WordPress installation
  • File contents for backdoors, trojans and suspicious code

Login Security Options

WordFence has several login security options in place. Some of them are:

  • Lock out after n password failures
  • Lock out after n forgot password attempts
  • Amount of time a user is locked out
  • Immediately lock out invalid usernames
WordFence WordPress Security Settings; Firewall and Login Security
Settings; Firewall and Login Security

WordFence will email letting me know when there are updates to plugins or themes. It will also email me if there are any issues discovered with a scheduled scan of my entire site.

I’ve been using WordFence for a few months now and overall I’m happy with its features. It’s helped me pinpoint where some security flaws might be and somewhat easily ensure I have a decent level of security with my site.

Facebooktwittergoogle_plusmail