15 Best WordPress Security Plugins


In this article we collect some great wordpress plugins for security.

1. 6Scan Security


6Scan Security provides enterprise-grade security with a firewall, automatic backup, analytics and much more.

2. Jumpple Security


Jumpple protects your website against technical, content or any other issues that may occur.

3. Page Security by Contexture


Page Security by Contexture International (PSC) lets YOU decide which users can access which content. Add users to groups, set granular permissions for content, and finally take control of your website! Groups allow you to organize your users how YOU see fit, then use your groups to choose who can access posts, pages, custom content, or entire sections of your website. Create an intranet or a members-only area with just a few clicks, or build a subscription based system with automatically expiring memberships. You can even create multiple levels of security for powerful, granular protection of any sub-section on your site. Allows admins to create user groups and set access restrictions for any post, page or section.

4. Htaccess Secure Files


Allows securing files in WP’s media library to be only accessible to users with specific roles, capabilities, or IP addresses. The Htaccess Secure Files plugin allows for setting files to be accessible only to visitors who have a specified IP address or WordPress role or capability. By using .htaccess files to secure the content instead of a separate directory outside the web root, WordPress’s native media library functionality can be used to upload secure files and link to them from within the visual editor.

5. BulletProof Security


WordPress Website Security Protection: BulletProof Security protects your WordPress website against XSS, RFI, CRLF, CSRF, Base64, Code Injection and SQL Injection hacking attempts. One-click .htaccess WordPress security protection. Protects wp-config.php, bb-config.php, php.ini, php5.ini, install.php and readme.html with .htaccess security protection. One-click Website Maintenance Mode (HTTP 503). Additional website security checks: DB errors off, file and folder permissions check… System Info: PHP, MySQL, OS, Server, Memory Usage, IP, SAPI, DNS, Max Upload… Built-in .htaccess file editing, uploading and downloading.

6. Better WP Security


The easiest, most effective way to secure WordPress. Improve the security of any WordPress site in seconds. Better WP Security takes the best WordPress security features and techniques and combines them in a single plugin thereby ensuring that as many security holes as possible are patched without having to worry about conflicting features or the possibility of missing anything on your site.

7. WebsiteDefender WordPress Security


The WebsiteDefender WordPress Security plugin is the ultimate must-have tool when it comes to WordPress security. The plugin is free and monitors your website for security weaknesses that hackers might exploit and tells you how to easily fix them. You can also sign up for a full 15 day WebsiteDefender trial which includes includes extra security checks and daily malware scans. WebsiteDefender integrates with the plugin which allows you to see all your security alerts from your WordPress dashboard.

8. Wordfence Security


Wordfence Security is a free enterprise class security plugin that includes a firewall, virus scanning, real-time traffic with geolocation and more. Wordfence Security is a free enterprise class security plugin that includes a firewall, anti-virus scanning, malicious URL scanning and live traffic including crawlers. Wordfence is the only WordPress security plugin that can verify and repair your core, theme and plugin files, even if you don’t have backups.

9. WordPress HTTPS (SSL)


WordPress HTTPS is intended to be an all-in-one solution to using SSL on WordPress sites.

10. WP-Blacklister


Plugin tool for assembling lists of IP addresses, emails, and URLs from spam comments.

11. Authy for WordPress


Add Authy two-factor authentication to WordPress. Users opt in for an added level of security that relies on random codes from their mobile devices.

Premium Plugins

12. Login Ninja


  • protect login & register forms with captcha
  • automatically ban IPs that brute-force attack you
  • detailed log of all login-related activities
  • redirect users based on roles and usernames
  • get email notifications for all login events
  • protect site from brute-force login attacks
  • stop bots from registering
  • manually ban any IP
  • native, easy to use WP GUI
  • detailed documentation

13. WordPress Sessions Plugin (with Database)


WP Sessions is a unique WordPress plugin which is created for Plugin & Theme Developers. It stores session information for each user as serialized (and optionally encrypted) data in a database table for more security.

14. Scheduled Scanner add-on for Security Ninja


  • give yourself a peace of mind with automated scans and email reports
  • get alerted when your site is hacked
  • compatible with both Security Ninja & Core Scanner add-on
  • extremely easy to setup – set once and forget
  • optional email reports – get them after every scan or only after changes occur on your site
  • detailed, color-coded scan log
  • easy-to-use GUI

15. Security Ninja


  • perform 31+ security tests including brute-force attacks
  • check your site for security vulnerabilities and holes
  • take preventive measures against attacks
  • don’t let script kiddies hack your site
  • prevent 0-day exploit attacks
  • use included code snippets for quick fixes
  • extensive help and descriptions of tests included
  • test the plugin (+ details, help, FAQ)