Recommended WordPress Security Products and Services

A padlocked door with hackers keep out

All the links below go to other pages on this site. On those pages I describe each product in detail – what it does, pros and cons.

I use all of these products on my own websites, and sites that I build for clients of my WordPress agency business, and I will happily answer any additional questions you may have.

1. The first step to securing your WordPress website

The first and most basic step to securing your WordPress installation is to always have a current, clean backup of your entire site.

With a clean, full site backup you can be up and running again within a couple of hours of a disaster hitting your website – whether that’s a natural disaster, such as an earthquake or Tsunami that hit your hosting provider, or a man-made disaster (such as your site being hacked).

Here’s the best plugin I know that offers real-time backups, scheduled backups, automatically downloads your backups to off-site storage and enables you to migrate your site to a new hosting provider quickly and easily, with just a few clicks:

2. How to protect your website and speed up page load times

As I’ve said elsewhere, cyber-crime is one of the fastest real growth industries around today. New malware is being produced all the time.

The Sucuri web application firewall is driven by machine learning that blocks new malware globally, pretty much instantly, no matter where it first surfaces.

And if you’re taking payments on your site, even just via a PayPal button, Sucuri’s web application firewall gets you a long way towards full PCI compliance.

Plus, because it runs on a CDN, it speeds up your page load time:

3. Additionally, there are a number of steps you should take to harden your WordPress site files

The web application firewall is a major deterrent to hackers, but you still need to harden your WordPress site itself against plugin vulnerabilities and brute force attacks.

This involves locking down vulnerable files, enforcing secure passwords, setting up Two Factor Authentication, joining a Brute Force Protection network, reviewing and securing file permissions, and lots more.

These are the things Security Pro sets up and takes care of.

If you think of the web application firewall as locking your front and back doors, you still need to close your windows and lock away your jewellery and valuables. That’s what Security Pro does.

4. Fast, secure hosting is the foundation on which all successful websites are built

The server your website is hosted on has the biggest influence of all the factors that affect the speed at which your site pages load. It also has a huge impact on the level of protection your site has against hackers.

Siteground is a top class hosting provider with servers specially optimised for WordPress, and it is strongly focused on security and performance.

Along with its AI based firewall protection, Siteground works closely with Sucuri to ensure that its hosting environment is as secure as it can be.

Siteground also has a state-of-the-art caching system, augmented by their own plugin that they developed specifically to improve the performance of WordPress websites.

Abledragon (my WordPress agency) rents server space from them to provide our own hosting service to clients who use one of our website maintenance plans.

5. If you re-use the same password just once it is no longer secure

This is for your wider online protection.

Re-using the same password on different accounts is a very common practice. It’s easy to remember just a few simple passwords, but it also makes the job of the hackers very straight-forward.

Hackers use readily available information on commonly used passwords, and sophisticated programs, to carry out dictionary (or brute force) attacks on the login pages of your online accounts.

Once they discover a user name (e.g. an email address) and a password you have used on one account, they immediately try it on all your other accounts.

That’s why it’s imperative that you use long, unique passwords on each account.

A password manager means you don’t have to remember lots of complex, unique passwords. It stores them for you, and logs you in to each of your accounts with one click.

Using a password manager is one of the best things you can do to protect your online identity.

Get in touch with any questions!

If you have any questions on any of these products after reading my descriptions do please get in touch:

Stay safe!

Martin Malden

Martin Malden
Owner – WP Security Basics