Because Wordpress is such a popular blogging tool, it is also susceptible to a large amount of Security issues via attacks, hacking, etc.  So from time-to-time, I like to publish a list of WordPress Security Plugins for your consideration, and here are the latest.  You can search for any of these plugins via the WordPress Plugin section of your WP Dashboard, and all the descriptions are from the WP plugin database.

Simple Security

Simple Security Plugin for WordPress is an Access Log to track Logins and Failed Login Attempts for the admin area of your WordPress Website

You can add a widget to the admin dashboard for logins and Failed Login attempts.

Note:  There is also a paid upgrade for additional features.

WP Security Audit Log

Identify WordPress security issues before they become a security problem by keeping a Security Audit Log of what is happening under the hood of your WordPress blog or website or your WordPress Multisite installation. WP Security Audit Log plugin is developed by WordPress Security Consultants and Professionals WP White Security and is the only WordPress monitoring and auditing plugin that works on both WordPress single site installations and WordPress Multisite.

Look-See Security Scanner

Look-see Security Scanner is a relatively quick and painless way to locate the sorts of file irregularities that turn up when a site is hacked.  This is broken down into multiple searches:

• Verify the integrity of all core WordPress files;
• Search wp-admin/ for unexpected files;
• Search wp-includes/ for unexpected files;
• Search wp-content/uploads/ for hidden PHP scripts;
• Identify file changes since previous scan;
• Locate files left over from older versions of WordPress;
• Analyze configurations for oversights and vulnerabilities

Login Security

Login Security is a plugin that tries to protect you against such attacks. Every successful or failed Login Attempts are recorded. You will probably discover that a lot of brute force attacks are performed on your website. This plugin can tell you how many times an IP address tried to access to the Back-Office of your WordPress website. Then you can easily block the access of this IP address in just “one click”.

On the tested websites there was an average of over 800 login attempts per day.

Current features

• Records every login attempts (failed or successful). Can be used to tell you when a user login
• Display all the failed login or successful login with the associated IP, User-Agent and HTTP referer
• Stats over the number of failed login during last 7 days and last 12 months
• Discover which IP address tries the most to access your website
• Banned an IP address
• Multi languages : English, French (from : France, Canada, Belgium, Switzerland and Luxembourg)

As always if you have any questions or comments, please feel free to list them below.

About the author