The Gauntlet Security plugin shows you ways you can make your WordPress site more secure. It does not make changes to your database or to any of your files and it should be compatible with all other security plugins.
Many of the recommendations Gauntlet Security makes involves editing your site's php.ini, wp-config.php, .htaccess, or functions.php files. Doing so is not without risk and it's important to understand what you're doing and how to revert your changes. This is not a "one-click" solution.
Checks and recommendations include:
- Set correct file and directory permissions
- Turn off directory indexing
- Prevent code execution in the uploads directory
- Block files in the includes directory
- Prevent access to any stray files which could be useful to attackers
- Rename or move the content directory
- Disable dangerous PHP functions
- Disable allow_url_include and allow_url_fopen PHP flags
- Use a strong database password
- Change the default database table prefix
- Keep WordPress up-to-date
- Turn off the display of PHP errors
- Turn off file editing in the control panel
- Set security keys in WP-Config file
- Don't advertise the WordPress version you are running
- Turn off self-registration
- Force SSL when accessing the admin area
- Review the development activity and reputation of all plugins
- Remove unused themes from the server
- Do not use TimThumb
- Do not use common user names (such as "admin")
- Do not use weak passwords
- Do not have a user with an ID = 1
- Minimize the number of admin users
- Users should not display their login usernames publicly
- Prevent username enumeration through standard author URLs
- ...more tests planned
Check the screenshots tab above for more detail on some of the above features.
Asgard Security Scanner
Asgard Security Scanner is a fast and free security tool that helps you detect malware in your WordPress installation. Secure your site and increase search ranking.
Our "Cloud" scanner helps you identify and remove any backdoors, trojans and hidden frames in themes/plugins.
Asgard Security Scanner .........
Total Security
The Total Security plugin is the must-have tool when it comes security of your WordPress installation. The plugin monitors your website for security weaknesses that hackers might exploit and tells you how to easily fix them....
WP Antivirus Site Protection (by SiteGuarding.com)
WP Antivirus Site Protection is the security plugin to prevent/detect and remove malicious viruses and suspicious codes.
It detects: backdoors, rootkits, trojan horses, worms, fraudtools, adware, spyware, hidden links, redirection and etc.
WP Antivirus Site Protection scans not only theme files, it.........
All In One WP Security & Firewall
A COMPREHENSIVE, EASY TO USE, STABLE AND WELL SUPPORTED WORDPRESS SECURITY PLUGIN
WordPress itself is a very secure platform. However, it helps to add some extra security and firewall to your site by using a security plugin that enforces a lot of good security practices.
The All In One WordPress S.........
Verelo Blog Monitoring Plugin
Verelo watches your blog 24/7 to ensure that it is up and running without malware infections. Having your site go down, or expolited can damange your reputation and often result in hours of lost traffic. Using Verelo means you can detect issues far before your visitors notice. Verelo really just wan.........
Security and Vulnerability Shield
Plugin made to ease the process of keeping your site safe (from potential exploits/vulnerabilities in WordPress or plugins).
Anyone can use it, no coding skills required, just click "Scan" (next to "Add New" in the Plugins section in WordPress)
and you will get an immediate report for all of your c.........
SecureMoz Security Audit
SecureMoz Security Audit WordPress Security Plugin gives you over 27 ways to secure and protect your WordPress site.
Protecting your Website, Blog or WordPress site with amazingly powerful and real-time traffic filtering safety and security is what SecureMoz WordPress Security Plugin is designed to.........
WPSecureOps Easy Firewall
This is the simplest yet free firewall that can protect your WordPress site by simply toggling few checkboxes in your
admin area.
No coding skills required to enable any of the features, just toggle via the checkboxes and you are ready!
Few of the features that this plugin provides out of the box .........
Security by Supsystic
Reliable protection is simple with Security by Supsystic. Security plugin allows minimizing the risk of unauthorized access to your website, admin area and files.
WordPress Security Plugin by Supsystic performs constant monitoring of suspicious activity and is capable of promptly responding to secu.........
BulletProof Security
BulletProof Security Feature Highlights
One-Click Setup Wizard
jQuery UI Dialog Form Uninstall Options: BPS Pro upgrade uninstallation or complete BPS plugin uninstallation
.htaccess Website Security Protection (Firewalls)
Login Security & Monitoring
Idle Session Logout (ISL)
Auth Cookie Expir.........
