Best WordPress Security Plugins To Protect Your Site

Reading Time: 3 minutes

wordpress security plugins evostrix

WordPress is one of the most popular CMS solutions available today. As such, it is being used by a very large number of websites on our network.

However, its popularity among users also means that it’s extremely popular among hackers as well.

Ofcourse there are alot of other security plugins out there, but these we mention are very light weighted and very easy to install/setup etc.

So here are some security WordPress Plugins to protect your WordPress site from attacks:


cerber wordpress plugin

Cerber Security & Limit Login Attempts (FREE):

Defends WordPress against brute force attacks by limiting the number of login attempts through the login form, XML-RPC / REST API requests or using auth cookies.
Restricts access with a Black IP Access List and a White IP Access List.
Tracks user and intruder activity with powerful email, mobile and desktop notifications.
Stop spam: activates reCAPTCHA for protecting registration and comments forms.
Hardening WordPress.


Cerber Security & Limit Login Attempts


blackhole wordpress plugin

Blackhole For Bad Bots (FREE):

Add your own virtual Blackhole trap for bad bots. The Blackhole plugin includes a hidden link to your pages. You then add a line to your robots.txt file that forbids bots from following the hidden link. Bots that ignore or disobey your robots rules will crawl the link and fall into the honeypot trap. Once trapped, bad bots are denied further access to your WordPress-powered website.

I call it the “one-strike” rule: bots have one chance to obey your site’s robots.txt rule. Failure to comply results in immediate banishment. The best part is that the Blackhole only affects bad bots: human users never see the hidden link, and good bots obey the robots rules in the first place. Win-win!


Blackhole for Bad Bots


BBQ Block Bad Queries

BBQ: Block Bad Queries (FREE):

Block Bad Queries (BBQ) is a simple, super-fast plugin that protects your site against malicious URL requests. BBQ checks all incoming traffic and quietly blocks bad requests containing nasty stuff like eval(, base64_, and excessively long request-strings. This is a simple yet solid solution for sites that are unable to use a strong .htaccess firewall.

Keep Your WordPress And Your Plugins Always Up To Date:

Don’t rely on a security plugin only to secure your WordPress. There are many things to consider in order to make your website secure, here’re some things to consider.

This may sound trivial, but there are a lot of users who simply forget to update. Each new update brings security improvements and is considerably more secure than the previous one. And WordPress is under very active development, so security patches are released frequently. You can use the WP Updates Notifier plugin to notify you when there are available updates for your themes, plugins and the WordPress core.

More Tips To Secure Your WordPress: