Site icon WP Smith

Security for Your WordPress Site: Processes, Passwords, & Plugins

One of the most important things to consider when developing a site for a client is client education and training on site security. While it is true, that once we develop a site for someone, information security belongs to them. We could have implemented all the best WordPress security plugins and processes, but if the user has a poor password then it will only be a matter of time before they are exploited.

So, first and foremost information security, site security, belongs to both the developer and the client. As far as the client is concerned, if their site gets hack or there is a problem with the site due to security vulnerabilities, the first person they will blame is the developer. However, if we educate our clients on the importance of information security, while it may be their tendency to blame the developer, it may not be their first recourse. Simply speaking, information security is everyone's responsibility.

Most of this information was obtained from WordCamp Phoenix Security Presentation by WPVibe.com co-founder Dre Armeda along with CEO and founder of Webdev Studios, Brad Williams.

So what are some security tips around passwords, plugins, and processes?

Processes

Passwords

Plugins

Security Plugins:

  1. WordPress Exploit Scanner
  2. WordPress File Monitor
  3. Login Lockdown
  4. AskApache Password Protect
  5. BulletProof Security
  6. Secure WordPress
  7. BackupBuddy: Contains a Malware scanner module
  8. See also WP Smith: The Best Security Plugins for WordPress 3.0+

Backup Plugins:

  1. WP Time Machine
  2. WP-DB Backup
  3. BackupBuddy
  4. VaultPress

Website Scanning Tools

  1. Sucuri.net
  2. Unmask Parasites

Malware Removal

  1. Sucuri.net
  2. VaultPress

Security Related Codex Articles

Blog Security Articles **Beware of DATE published!

Info graphic by WPBeginner: