Connect with us

Cybersecurity

15 of the Best WordPress Plugins to Keep Your Site Secure

Published

on

 Being the most popular blogging platform worldwide, it’s only natural that WordPress would have a user base in the millions. However, in today’s world, popularity is a double-edged sword – the more popular a particular website is, the higher the chances of spammers and hackers attacking it. Unlike other online platforms for blog, it could be a problem for WordPress and though it’s got strong security features, nothing’s set in stone. Thus, your priority should be to ascertain the safety of your blog and deter hackers from stealing and altering your private information. You wouldn’t want all your effort to go to waste, would you?

Take a look at the top 15 WordPress plugins that are used by bloggers around the world to beef up the security of their site.

 

  1. WP Security Audit Log

01 

Clean and simple, this plugin maintains a log of everything that happens on your WordPress blog or website. You can easily track any suspicious activity and determine the threat level. You receive security alerts in real-time whenever:

  • A new user profile is created
  • WordPress gets an upgrade
  • Users install and activate a WP theme
  • Change their email address or passwords
  • An existing page, post, or category is modified
  • Failed login attempts
  • And much more…

 

  1. Security Ninja

02

A combination of WP security best practices rolled into a single plugin, Security Ninja performs over 31 security tests, like brute-force attacks. Your site is checked thoroughly for holes and security vulnerabilities, and preventative measures help stop attacks.

 

  1. BulletProof Security Pro

03

A single click is all you need to safeguard your Root website folder and your ‘wp-admin’ folder when you have this plugin installed. No longer do you have to worry about hacking trials like XSS, CSRF, SQL Injection, Base64, RFI and Code Injection. A one-time fee is required to activate the spam and hacker protection features.

 

  1. iThemes Security

04

Are you looking for a strong security plugin that is simple enough for novices to operate? Well, you’re in luck. iThemes Security fixes multiple issues that makes WordPress blogs vulnerable, and also boosts the security. The plugin dashboard contains a checklist of action items, arranged in descending order of importance, that you can turn on or off as per your convenience.

 

  1. 6Scan Security

05

Hackers beware! 6Scan provides your site with rule-based protection and regularly updates the security features. The built-in security scanner checks and protects your website against a variety of threats, but the most significant feature of this plugin has got to be the automatic vulnerability fix. Any vulnerable code is automatically fixed using an auto-fix server-side agent solution. Moreover, malware-related issues are easily taken care of by 6Scan.

 

  1. All in One WPSecurity

06

So what features constitute the perfect WP security plugin?

  • Blacklist feature
  • System file security
  • User login security
  • Regular plugin updates
  • Database security
  • User account security
  • Firewall setup
  • Simple user interface

You’ll be happy to know that All in One WPSecurity and Firewall contains all of these features and more, making it one of the most effective WordPress security plugins available online.

 

  1. Sucuri Security

07

Being one of the best web security experts, Sucuri’s plugin was bound to be great. What users didn’t expect was a comprehensive tool that tracked every activity on their site. No breach in security goes unnoticed, and it’s easy for users to review activity logs and notice anything out of the ordinary.

 

  1. BruteProtect

08

Brute force attacks are the most common methods employed by hackers to gain access to your site. However, you need not worry when you have the BruteProtect plugin. Whenever a particular IP address tries to log in to your site and fails more times than usual, it automatically gets blocked.

 

  1. AntiVirus for WordPress

09

This plugin prevents your WordPress blog against malware, viruses and worms. You receive warnings about possible attacks. However, the highlight of this plugin has got to be the multilingual support, which not many plugins deem as necessary.

 

  1. Acunetix WP Security

10

Searching for a free but powerful security tool that secures your WP installation? Acunetix is the solution. It suggests corrective measures that boost the security of your database, secure file permissions, hide versions, and offer admin protection for your blog. Your site is checked for security vulnerabilities, and if any are found, corrective actions are suggested at once.

 

  1. WP-DBManager

11

This is a great plugin that enables you to optimize the database of your site, repair it properly, backup the database, restore it whenever necessary, delete the backup, easily empty/drop tables, and run specific queries. This plugin even supports the automatic scheduling of optimization, repair, and backup tasks for the database.

 

  1. VaultPress

12

From the makers of WordPress comes VaultPress, a premium subscription service. This plugin makes it easy to back up your website daily or in real-time. All the content on your website is synced, and if any threats are detected during scans of your files, they’re immediately dealt with.

 

  1. Clef Two-Factor Authentication

13

For people who don’t want the hassle of dealing with passwords or simply want a better, more secure logging in process, this plugin is the perfect solution. You open the Clef app on your phone and then hold it up in front of the WordPress login screen. Your next task is to line up the patterns on both the devices. You’ll be able to log in to your WP site only when they’ve detected one another.

 

  1. Wordfence Security

14

This free security and performance plugin for WordPress speeds up your site almost 50 times, making it more secure in the process. Any infections already on your site are checked for thoroughly. Though this plugin is free, you can access the Premium version which comes with advanced features like country blocking, two-factor SMS authentication services, and the ability to schedule scans as per your wish.

 

  1. Google Authenticator

15

Two-factor authentication is the way to go when you log onto your website, and this plugin provides just that. No longer do you have to worry about hackers gaining access to your website and uncovering your passwords. You’ll have to download the Google Authenticator app on your smartphone for this to work.

Malicious attacks on websites and blogs are becoming more common with every passing day, and it is imperative that website owners take proper precautions to defend their blogs. For users who don’t know how to code, plugins are the next best option and there are plenty of great WP plugins that offer complete security. The majority of them are safe, simple, and free, and in the end, it all depends on which one you find the best.

About the Author

I’m a professional writer, web developer and CEO of WebBuildersGuide.com. I’ve been working as web interface developer for 4 years and I have a huge experience in website development. Also I’m fond of photography and marketing and of course, writing articles. My work has been published on several popular online magazines. You can follow Lesley on Google+ .

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this.
Loading...





Feedback or Requests?

Click to comment

You must be logged in to post a comment Login

Leave a Reply

Breaches

MyEtherWallet Compromised in Security Breach; Users Urged to Move Tokens

Published

on

Popular cryptocurrency service MyEtherWallet (MEW) is urging users to move their tokens after the platform succumbed to its second cyber attack of the year. As the company reported earlier, hackers targeted MEW’s popular VPN service in an attempt to steal cryptocurrency.

Hola VPN Users Compromised

Rather than target MEW directly, hackers took control of the Hola VPN service, which claims nearly 50 million users. For the next five hours, MEW users who had the Hola chrome extension installed and running on their computer were exposed.

MEW took to Twitter to urge users to move their funds immediately.

“Urgent! If you have Hola chrome extension installed and used MEW within the last 24 hrs, please transfer your funds immediately to a brand new account!” the company said. It added the following message shortly thereafter:”We received a report that suggest Hola chrome extension was hacked for approximately 5 hrs and the attack was logging your activity on MEW.”

At the time of writing, MEW’s Twitter feed had no further updates.

MyEtherWallet is used to access cryptocurrency wallets, where users can send and receive tokens from other people.

The company reportedly told TechCrunch that the attack originated from a Russian-based IP address.

“The safety and security of MEW users is our priority. We’d like to remind our users that we do not hold their personal data, including passwords so they can be assured that the hackers would not get their hands on that information if they have not interacted with the Hola chrome extension in the past day,” MEW said, as quoted by TechCrunch.

It’s not yet clear how many users were compromised in the attack or how much, if any, was stolen from their wallets. MEW suffered a similar incident in February after a DNS attack wiped out $365,000 worth of cryptocurrency from users’ accounts.

Cyber Attacks on the Rise

The attack on MEW came less than 24 hours after Hacked reported another major cyber breach involving Bancor, a decentralized cryptocurrency exchange. The security breach compromised roughly $23.5 million worth of digital currency, including Ethereum, NPXS and BNT, Bancor’s native token.

Last month, a pair of South Korean exchanges fell prey to cyber criminals, prompting local regulators to expedite their approval of new cryptocurrency laws.

It has been estimated that a total of $761 million has been stolen from cryptocurrency exchanges in the first half of the year, up from $266 million in all of 2017. That figure is expected to rise to $1.5 billion this year.

CipherTrace, the company behind the estimates, told Reuters last week that stolen cryptocurrencies are mainly used to launder money and aid criminals in concealing their identities.

Disclaimer: The author owns bitcoin, Ethereum and other cryptocurrencies. He holds investment positions in the coins, but does not engage in short-term or day-trading.

Featured image courtesy of Shutterstock.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
2 votes, average: 5.00 out of 52 votes, average: 5.00 out of 52 votes, average: 5.00 out of 52 votes, average: 5.00 out of 52 votes, average: 5.00 out of 5 (2 votes, average: 5.00 out of 5)
You need to be a registered member to rate this.
Loading...

4.6 stars on average, based on 502 rated postsSam Bourgi is Chief Editor to Hacked.com, where he specializes in cryptocurrency, economics and the broader financial markets. Sam has nearly eight years of progressive experience as an analyst, writer and financial market commentator where he has contributed to the world's foremost newscasts.




Feedback or Requests?

Continue Reading

Breaches

Mt. Gox vs. Bithumb: That Was Then, This Is Now

Published

on

Bithumb now shares something in common with the Tokyo-based shuttered bitcoin exchange Mt. Gox — both suffered a hack on about the same date, June 19. It’s a club that no exchange wants to belong to and that Bithumb happened on the seven-year anniversary of Mt. Gox’s maiden attack has to be more than an eerie coincidence.

It’s a stark reminder of the risks involved with keeping funds on an unregulated exchange, vulnerabilities that cost South Korea’s Bithumb some $36.6 million in digital cash and Mt. Gox $450 million in hacked bitcoin and its future. The Mt. Gox theft unfolded over a series of hacks that culminated in 2014. Though it’s still early on in the Bithumb hack, it appears the South Korean exchange will recover from the security breach. So what do we know now that we didn’t on June 19, 2011?

Then vs. Now

Former Coinbase official Nick Tomaino, who is also the founder of crypto fund 1 confirmation, reflected on the Mt. Gox hack in what proved to be a prescient tweet given the Bithumb attack that was about to surface.

The thing to note about Mt. Gox is that the Japan-based exchange in 2011 controlled most of the BTC trading volume, approximately three-quarters of it by average estimates — more if you ask Tomaino. Since bitcoin fever caught on in 2017, there are more than 500 cryptocurrency exchanges on which trading volume is shared. Binance boasts the highest trading volume and captures nearly 15% of bitcoin trading. It’s much less than Mt. Gox days but still a little high.

The other thing to note is that the Mt. Gox hack or actually hacks, as there were multiple attacks on the exchange over several years, was a mysterious event that was shrouded in controversy and mistrust of a key executive. Bithumb, on the other hand, confronted the hack seemingly right away on Twitter and has not let any grass grow under its feet in the interim, which is a key difference in the way Mt. Gox was handled.

Also, the bitcoin price didn’t tank in response to the Bithumb hack. It traded lower for a while, but less than 24 hours it was back in the green, which is a reflection of the fact that bitcoin trading is no longer dependent on a single exchange.

Charlie Lee, creator of Litecoin (LTC), the No. 6 cryptocurrency by market cap, was among the first to respond to the Bithumb hack. He tweeted:

Indeed, Bithumb does expect to be able to cover the losses via their reserves.

Crypto Security

It’s still early on in Bithumb’s security breach, and more details are sure to emerge in time. In the meantime, it’s a good idea to use the hack as an opportunity to examine the security of your cryptocurrency investment portfolio. There are several hardware wallet options out there for you to choose from — whether it’s Trezor or Ledger Nano S, to name a couple — and as Charlie Lee advised, “only keep on exchange coins that you are actively trading.”

Featured image courtesy of Shutterstock.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this.
Loading...

4.6 stars on average, based on 24 rated postsGerelyn has been covering ICOs and the cryptocurrency market since mid-2017. She's also reported on fintech more broadly in addition to asset management, having previously specialized in institutional investing. She owns some BTC and ETH.




Feedback or Requests?

Continue Reading

Breaches

Bithumb Hack Prompts South Korea to Hasten Cryptocurrency Regulation

Published

on

South Korea’s second-largest cryptocurrency exchange suffered a security breach on Wednesday, prompting local authorities to hasten their adoption of stricter regulations.

Bithumb Hack

Bithumb confirmed Wednesday that cyber criminals “seized” 35 billion won ($31.6 million) worth of digital cash in an apparent attack targeting user accounts. The exchange halted deposits at approximately 00:53 UTC and began a wholesale transfer of funds to cold storage to prevent further theft.

“We checked that some of cryptocurrencies valued about $30,000,000 was stolen,” Bithumb tweeted Wednesday. “Those stolen cryptocurrencies will be covered from Bithumb and all of assets are being transferring to cold wallet.”

The exchange has confirmed that it will fully compensate affected users.

An earlier update on Bithumb’s Twitter account reveals that a security upgrade was being carried out last week where it transferred to a cold wallet for safe storage. However, it is unclear whether the upgrade is linked to the theft.

In terms of trade volume, Bithumb is the world’s sixth-largest cryptocurrency exchange. The platform processed more than $355 million worth of digital currency transactions in the last 24 hours, according to data provided by CoinMarketCap.

Bithumb is the second South Korean exchange this month to have been hacked. Less than two weeks ago, more than $37 million was compromised in a coordinated attack on Coinrail. The attackers went after the exchange’s coins and lesser-known ERC-20 tokens.

South Korea to Boost Regulation

South Korea’s financial regulators have announced plans to implement stricter guidelines for virtual exchanges, and to do so more expeditiously than previously planned. The announcement, which came on the heels of the Bitthumb attack, follows months of deliberation about whether to regulate cryptocurrency exchanges like banks and other financial institutions.

As CCN notes, cryptocurrency exchanges are presently regulated as “communication vendors,” which means virtually anyone can launch an online trading platform. This designation prevents direct oversight of digital currency exchanges by financial regulators.

New crypto regulations are expected to be rolled out in the coming months, which will put South Korea’s financial authorities on par with their counterparts in the United States and Japan. In those countries, cryptocurrency exchanges must comply with laws pertaining to security and consumer protection.

Park Yong-kin, a committee member of the National Assembly, has championed stricter regulations since last year. According to local media, his views are now being echoed by other government officials.

Disclaimer: The author owns bitcoin, Ethereum and other cryptocurrencies. He holds investment positions in the coins, but does not engage in short-term or day-trading.

Featured image courtesy of Shutterstock.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
1 vote, average: 5.00 out of 51 vote, average: 5.00 out of 51 vote, average: 5.00 out of 51 vote, average: 5.00 out of 51 vote, average: 5.00 out of 5 (1 votes, average: 5.00 out of 5)
You need to be a registered member to rate this.
Loading...

4.6 stars on average, based on 502 rated postsSam Bourgi is Chief Editor to Hacked.com, where he specializes in cryptocurrency, economics and the broader financial markets. Sam has nearly eight years of progressive experience as an analyst, writer and financial market commentator where he has contributed to the world's foremost newscasts.




Feedback or Requests?

Continue Reading

5 of 15 Seats Available

Learn more here.

Recent Comments

Recent Posts

A part of CCN

Hacked.com is Neutral and Unbiased

Hacked.com and its team members have pledged to reject any form of advertisement or sponsorships from 3rd parties. We will always be neutral and we strive towards a fully unbiased view on all topics. Whenever an author has a conflicting interest, that should be clearly stated in the post itself with a disclaimer. If you suspect that one of our team members are biased, please notify me immediately at jonas.borchgrevink(at)hacked.com.

Trending