Looking to secure your wordpress website? Limiting or excluding registration is certainly one way. But even if you don’t allow anyone to login doesn’t mean someone won’t find your login page and try something. There are some good plugins available for those running WordPress 2.7. We have used several and currently like Bad Behavior.
Several of these were new to us. So we offer them to you as suggestions if you currently are looking. Thanks to Daily Blog Tips.
1. Limit Login Attempts : This plugin blocks a user for 20 minutes after he enters wrong password 4 times (default values, can be changed). It is good way to avoid Brute Force attack .
2. Sabre :If you own a WordPress powered blog where users can register freely and see a lot of fake registrations, this plugin can stop fake user registration by bots. It can add image verification or math test to registration process among other measures to make sure fake users are not created.
3. Semisecure Login : This plugin increases the security of login process by using a public key to encrypt the password on client side. The server side then decrypts the password using the private key. Requires Javascript and PHP.
4. Bad Behavior : It checks the visitor’s IP against Project Honey Pot Database to see if it’s a spammer’s. If malicious, it can block that IP from accessing your blog.
5. Secure WordPress : This plugin keeps your WordPress installation secure with the help of little functions. It hides information regarding your WordPress version from non-administrators and plugin directory from visitors by dropping a blank index.php file.
