WordPress Tips

List of The Most Popular WordPress Security Plugins

Wordpress Blog Security Plugins

Have you every wanted to know how to secure your wordpress blog? Imagine being caught out without the proper security plugins installed on your wordpress blog!

Recently thousands of wordpress bloggers had thier sites hacked into because they didn’t have the latest version of wordPress security plugins installed and upgraded.

4800 Websites lost with NO chance of recovery!

Firstly, here’s 5 Tips on how to make your wordpress website or blog secure from malicious software attacks.

  • Install automatic updates so you will be notified of the latest versions and always update your security software and plugins
  • Use a strong password & username of more than 10 digits and change it every 6 months
  • Use a secret key in your wp config file
  • Tie your hta.access files to a specific I.P address
  • Secure your file permissions through your web host cPanel

WordPress also offer a range of security plugins to secure your wordpress blog, Backup your wordpress blog and Migrate/Restore your wordpress blog to a new host.  Here’s a list of the most popular essential wordpress security plugins for complete blog security.

Consider this:Most WordPress Plugins Do Not Fully Backup Your Entire WordPress Site! Including most of  the plugins below.

WordPress Security Plugins

Secure Login

Limit Login Attempts

  • Requires WordPress Version: 2.5 or higher
  • Compatible up to: 3.0.3
  • Downloaded: 43,873 times

Limit the number of login attempts possible both through normal login as well as (WordPress 2.7+) using auth cookies.

By default WordPress allows unlimited login attempts either through the login page or by sending special cookies. This allows passwords (or hashes) to be brute-force cracked with relative ease.

Limit Login Attempts blocks an Internet address from making further attempts after a specified limit on retries is reached, making a brute-force attack difficult or impossible.


  • Limit the number of retry attempts when logging in (for each IP). Fully customizable
  • (WordPress 2.7+) Limit the number of attempts to log in using auth cookies in same way
  • Informs user about remaining retries or lockout time on login page
  • Optional logging, optional email notification
  • Handles server behind reverse proxy
  • Plugin uses standard actions and filters only

General WordPress Security

Secure WordPress

  • Requires WordPress Version: 2.6 or higher
  • Compatible up to: 3.1-alpha
  • Downloaded: 299,552 times

Little help to secure your WordPress installation: Remove Error information on login page; adds index.html to plugin directory; removes the wp-version, except in admin area.


  1. removes error-information on login-page
  2. adds index.php plugin-directory (virtual)
  3. removes the wp-version, except in admin-area
  4. removes Really Simple Discovery
  5. removes Windows Live Writer
  6. remove core update information for non-admins
  7. remove plugin-update information for non-admins
  8. remove theme-update informationfor non-admins (only WP 2.8 and higher)
  9. hide wp-version in backend-dashboard for non-admins
  10. remove version on urls from scripts and stylesheets onyl on frontend
  11. Block bad queries

Security Scan

WP Security Scan

  • Requires WordPress Version: 2.5 or higher
  • Compatible up to: 3.0.3
  • Downloaded: 439,455 times

A WordPress security plugin that scans your WordPress installation for security vulnerabilities and suggests corrective actions.

  • passwords
  • file permissions
  • database security
  • version hiding
  • WordPress admin protection/security
  • removes WP Generator META tag from core code

Future Releases

  • one-click change file/folder permissions
  • test for XSS vulnerabilities
  • intrusion detection/prevention
  • lock out/log incorrect login attempts


  • Requires WordPress Version: 2.7 or higher
  • Compatible up to: 3.1
  • Downloaded: 98,843 times

AntiVirus for WordPress is a smart and effective solution to protect your blog against exploits and spam injections. AntiVirus protection for your blog.


  • WordPress 3.x ready: Design as well as technical
  • Detect the current WordPress permalink back door
  • Quick & Dirty: activate, check, done!
  • Manual testing with immediate result of the infected files
  • Daily automatic check with email notification
  • Whitelist: Mark the suspicion as “No virus”
  • Clean up after uninstall the plugin
  • English, German, Italian, Persian, Russian

WordPress Database Backup


  • Requires WordPress Version: 2.0.3 or higher
  • Compatible up to: 3.1
  • Downloaded: 654,661 times

WP-DB-Backup allows you easily to backup your core WordPress database tables. You may also backup other tables in the same database.


  • Last Updated: 78 days ago
  • Requires WordPress Version: 2.8 or higher
  • Downloaded: 304,780 times

Allows you to optimize database, repair database, backup database, restore database, delete backup database , drop/empty tables and run selected queries. Supports automatic scheduling of backing up and optimizing of database.


Akismet checks your comments against the Akismet web service to see if they look like spam or not and lets you review the spam it catches under your blog’s “Comments” admin screen.

  • Requires WordPress Version: 3.0 or higher
  • Compatible up to: 3.1
  • Downloaded: 5,203,138 times

Major new features in Akismet 2.5 include:

  • A comment status history, so you can easily see which comments were caught or cleared by Akismet, and which were spammed or unspammed by a moderator
  • Links are highlighted in the comment body, to reveal hidden or misleading links
  • If your web host is unable to reach Akismet’s servers, the plugin will automatically retry when your connection is back up
  • Moderators can see the number of approved comments for each user
  • Spam and Unspam reports now include more information, to help improve accuracy

WordPress Backup Plugin

BackupBuddy– This premium WordPress backup plugin is the only wordpress backup plugin that automatically, fully backs up your entire WP site including databases, images, uploads, plugins and SEO configuration to prevent any data or content loss in cases of server failure, security breaches, migration to another domain/host and restoration.

BackupBuddy Features

  • Effortless setup
  • Backup of database, plugins, themes, all other files
  • Restore you WP site
  • Migrate your WordPress site
  • Custom importer script for easy restoration
  • Incremental backups
  • Backup either daily, weekly, bi-monthly, monthly
  • Store backup files via email or FTP
  • Automatic plugin updates

The BackupBuddy plugin is the only current solution to fully backup, migrate and restore your full wordpress backup. Read More about Premium WordPress Backup Plugin here.

WP Maintenance Mode

  • Requires WordPress Version: 2.6 or higher
  • Compatible up to: 3.1-alpha
  • Downloaded: 86,790 times

Adds a maintenance-page to your blog that lets visitors know your blog is down for maintenance. User with rights for theme-options get full access to the blog including the frontend. Activate the plugin and your blog is in maintenance-mode, works and see the frontend, only registered users with enough rights. You can use a date with a countdown for informations the visitors or set a value and unit for infomrations. Also you can add urls for exlude of maintenance mode.

Have you ever uncountered a security breach with your wordpress blog? If you have any wordpress security or wordpress security plugin information you would like to share, please leave a comment.

One reply on “List of The Most Popular WordPress Security Plugins”

Leave a Reply

Your email address will not be published. Required fields are marked *