Have you selected WordPress as the CMS of choice for your first website? Maybe you’re pretty excited about it.
WordPress powers 30% of the top 10 million websites. It controls more than 60% of the CMS platform market share.
Let us show you a list with plugins that worth a try in 2020.
Some of these plugins have more advanced features than others, which aren’t always necessary for all websites. Some plugins are easier for beginners, while others are better for advanced developers.
Google Authenticator adds a second layer of security to your website login page. This process is known as two-factor authentication (2FA). It is used to ensure the security of online websites beyond just a username and password. Two-factor authentication is important because a lot of brute force attacks attempts to start at the login stage.
Using Google Authenticator you can choose another method of authentication. It can be a regular password followed by:
- a secret question
- a secret code
- a set of characters
- the Google Authenticator app, which sends a secret code to your phone
- QR Code scanning
- Soft Token
- Any App supporting TOTP algorithm like Google, Authy, LastPass Authenticator, QR Code, Push Notification, Soft Token, and Security Questions(KBA)
It has a simple interface and is easy-to-use
You can choose which two-factor authentication method is the easiest for you
Device Identification option lets a user remember the device for future reference
The free version of this plugin offers 2FA authentication for a single user
Premium version can be customized for multiple users. You can select which user types need to go through the authentication process.
Hide My WP Ghost
It hides your WordPress site from attackers, spammers, and theme detectors.
Limit login attempts
Use captcha protection
Hide the fact that your website is built in WordPress by hiding all WordPress related details ( from your wp-login URL, admin URL, names of themes & plugins, hide common paths & custom paths, changes in permalinks, etc)
Monitor, track and log events on your website
Log users events
Log brute force attempts
Block XMLRPC API
Check your WordPress website to Detect potential security breaches
It detects and blocks XSS, SQL Injection type of security attacks on your WordPress website
Compatible with multi-site, apache, Nginx, IIS, premium themes and other security plugins
SecuPress scans your website for security vulnerabilities in six key areas:
- User and login
- Plugins and themes
- WordPress core
- Sensitive data
- Malware scan
easy-to-use and provides a great UI interface
It scans and protects websites from intrusion
The Malware Scanner scans your website at regular intervals to detect any malware or threats
Include anti-spam protection
automated website backups in case a restore is needed
anti brute force logins
blocking country by geolocation
Helps you detect themes and plugins that have been compromised
The most important features:
Offers protection from attacks and sends alerts only when necessary
Blocks all web requests that violate the firewall security rules
Scan core files to detect malicious changes
Login limitations, two-factor authentication for login requests
Checks for vulnerable and outdated plugins and themes and keeps them updated
Works by blocking malicious traffic and only letting through the non-harmful and trusted types
Check your site for security vulnerabilities, issues, and holes, and take preventive measures against attack. Also, Security Ninjas scans your website looking for malicious codes and suspicious files.
perform 50+ security tests with one click
Every test is explained, with instructions provided on how to repair problems
doesn’t make any changes to your WordPress files which means you will have full control of your WordPress website
The Pro version includes a firewall, malware scanner, auto fixer, core scanner, and other tools you’d expect a comprehensive WordPress security solution to include.
The firewall protects your website from fake traffic and bad bots. It enables you to block suspicious IPs from specific countries. And even redirects them to a specific URL.