What plugin do I need to make my website secure?

Question

What plugin do I need to make my website secure? What do you have for security in your WordPress sites? Do you use any security service that you recommend? Can you share some steps that are a must to prevent this from happening? I’d be grateful to read any tips or experiences you’d like to share. My two DIVI WordPress sites were hacked 🙁 Now I think that I have to delete the entire installation and try to get it up again.

What plugin do I need to make my website secure?
in progress 0
Ali Akkas 1 month 7 Answers 0

Answers ( 7 )

  1. You need a Secure Socket Layer website domain administration server ( eg SiteGround) they give all websites an SSL certificate free of charge).
    Besides installing an SSL Certificate you will need malware protection. MalCare $99/year – One of the best complete WordPress Security Plugins. It features Auto-Clean which cleans your website within minutes or seconds.

    Get MalCare To Secure Your Website

  2. You need to add an SSL certificate. Most hosts will issue free ones from Let’s Encrypt.
    Once active, you can use a plugin like Really Simple SSL to fix any mixed content issues and force redirect HTTP to https.
    You can use Wordfence, which is great and free BUT can slow down your site OR you can buy iThemes Pro to one of the best security services yet. Wordfence creates 16 tables on your database, that’s the biggest problem
    Anyway, ALWAYS use an SSL certificate.
    7 ways to keep your WordPress website secure:

    1. Good hosting
    2. Safe and unique passwords
    3. A security plugin with 2FA for admin
    4. SSL certificate
    5. Good plugin management (paid to a 3rd party if you aren’t sure how to troubleshoot plugin problems).
    6. Good ongoing and consistent user activity monitoring.
    7. Update themes & Plugins always. 
  3. I like two plugins that I use in tandem to keep my WordPress and Joomla sites secure: Akeeba Admin Tools Pro and Akeeba Backup. The Admin Tools plugin provides a software firewall for your site that is easily configured (if you follow Akeeba’s guidelines). It also can generate a replacement .htaccess file that is hardened against various exploits. I use Akeeba Backup to generate scheduled backups of my sites and export them to cloud storage (OneDrive, Dropbox, etc.) for safekeeping. I have used Akeeba’s plugins for 10+ years and cannot say enough good things about their quality and excellent customer support. 

  4. If you’re talking about adding a lot to your website just get an SSL.
    If you’re talking about website security and protecting your site then Cloudflare on the frontend with firewall rules. Server security such as modsec, WAF, or something along those lines. – sometimes you can’t do anything with this if you’re using shared hosting.
    Lastly, if you want you could have something like Webarx or Malcare, Wordfence, or whatever security plugin you choose.
    If you set up Cloudflare properly it will stop most of the crap. Even on the free plan. The Pro plan and up is better though because they give you their Web Application Firewall rules.

  5. Sucuri plugin is the best, the free version is good. In the dashboard, you can see what you can do to make your website safe. Sucuri is very good, you can create a free API. When the website is hacked they can restore or remove the infected files, Sucuri scan really helps to detect malware. SSL is a general standard. Just invest in an off-site backup solution for WHEN something goes wrong.

  6. In general, none if PHP and .htaccess modifications, SSL, CloudFlare, great host, etc. no plugin is really needed I secure mine firstly by changing the wp-login.php, then use a very good password with upper and lowercase letters, numbers, and symbols. The only plugins I then use are cerber and sucuri both are free and can mask your login URL, block IP addresses, and monitor everything. As a developer, I can also add another level of security by adding another popup login on top of the login page using something called .htpass & .htaccess to ultra-secure the site. Feel free to message me if you need any help.

  7. I’d actually consider Jetpack (entry paid level). The CDN is actually better than Cloudflare in my opinion.
    Cloudflare caching can cause real issues with page/post editing/adding.
    I use Lets Encrypt for my SSL provider too. Again always free, but you have more flexibility.
    I run my sites through a paid VPS too rather than shared hosting.
    If your budget can stretch I’d advise using a cloud/VPS solution rather than shared hosting platforms.
    It offers more flexibility and better protection and also speeds improvements over a shared platform.

Leave an answer

Choose from here the video type.

Put here the video id : https://www.youtube.com/watch?v=sdUUx5FdySs Ex: 'sdUUx5FdySs'.

What is the capital of USA? ( Washington )