1. Wordfence Security
Wordfence Security is a free and opensource. The creators also offer a Premium API key that gives Premium Support, Country Blocking, Scheduled Scans, Password Auditing and check if website IP address is being used to Spamvertize.
Wordfence starts by checking if your site is already infected. It does a deep scan of your source code comparing it to the Official WordPress repository for core, themes and plugins. Wordfence also makes your website faster.
Active Installs: 1+ Million
Average Rating: 5.0 rating based on 2,527 ratings
Wordfence Security Features
- Blocking Features
- Login Security
- Security Scanning
- WordPress Firewall
- Monitoring Features
- Multi-Site Security
- Caching Features
- IPv6 Compatible
- Major Theme and Plugins Supported
2. Theme Authenticity Checker (TAC)
Active Installs: 100,000+
Average Rating: 5.0 rating based on 13 ratings
TAC Features
- TAC searches the source files of every installed theme for signs of malicious code.
- Displays the path to the theme file, the line number, and a small snippet of the suspect code
- TAC also searches for and displays static links.
- Determine where code cleanup is needed
3. All In One WP Security & Firewall
Reduces security risk by checking for vulnerabilities, and implementing and enforcing the latest recommended WordPress security practices and techniques.
Active Installs: 300,000+
Average Rating: 5.0 rating based on 435 ratings
All In One WP Security & Firewall Features
- User Accounts Security
- User Login Security
- User Registration Security
- Database Security
- File System Security
- htaccess and wp-config.php File Backup and Restore
- Blacklist Functionality
- Firewall Functionality
- Allows you to easily add a lot of firewall protection to your site via htaccess file.
- Brute force login attack prevention
- WhoIs Lookup
- Security Scanner
- Comment SPAM Security
- Front-end Text Copy Protection
- Regular updates and additions of new security features
- Works with Most Popular WordPress Plugins
4. Simple Security Firewall
Active Installs: 30,000+
Average Rating: 5.0 rating based on 317 ratings
Simple Security Firewall Features
- Blocks malicious URLs and requests to your site.
- Blocks ALL automated spambot comments.
- Hides your login page.
- Prevents brute force attacks on your login and also any attempted automatic bot logins.
- Plugin Admin Access Protection
- Firewall Protection
- Comment SPAM (Full replacement and upgrade from Akismet)
- FABLE – Fully Automatic Black Listing Engine
- WordPress Lock Down
- Automatic Updates
5. Exploit Scanner
This plugin searches the files and database of your website for signs of suspicious activity. It will not stop someone hacking into your site, but it may help you find any uploaded or compromised files left by the hacker.
Active Installs: 60,000+
Average Rating: 3.5 rating based on 22 ratings
6. BulletProof Security
Available in free and pro versions.
Active Installs: 100,000+
Average Rating: 4.5 rating based on 231 ratings
BulletProof Security Feature Highlights
- One-Click Setup Wizard
- jQuery UI Dialog Form Uninstall Options: BPS Pro upgrade uninstallation or complete BPS plugin uninstallation
- .htaccess Website Security Protection (Firewalls)
- Login Security & Monitoring
- Idle Session Logout (ISL)
- Auth Cookie Expiration (ACE)
- DB Backup: Full|Partial DB Backups | Manual|Scheduled DB Backups | Email Zip Backups | Cron Delete Old Backups
- DB Backup Logging
- DB Table Prefix Changer
- Security Logging
- HTTP Error Logging
- FrontEnd / BackEnd Maintenance Mode
- UI Theme Skin Changer (3 Theme Skins)
7. Sucuri Security
The Sucuri Security WordPress Security plugin is free to all WordPress users. It is a security suite meant to complement your existing security. It offers its users four key security features, each designed to have a positive affect on your website security.
Active Installs: 200,000+
Average Rating: 4.5 rating based on 133 ratings
Sucuri Security Features
- Security Activity Auditing
- File Integrity Monitoring
- Remote Malware Scanning
- Blacklist Monitoring
- Effective Security Hardening
- Post-Hack Security Actions
- Security Notifications
- Website Firewall (add on)
8. Stop Spammers Spam Prevention
In cases where spam is detected, users are offered a second chance to post their comments or login. Denied requests are presented with a captcha screen in order to prevent users from being blocked. The captcha can be configures as OpenCaptcha, Google reCaptcha, or SolveMedia Captcha. The Captcha will only appear when a user is denied access as a spammer.
Active Installs: 30,000+
Average Rating: 4.5 rating based on 136 ratings
9. Anti-Malware Security and Brute-Force Firewall
Active Installs: 100,000+
Average Rating: 5.0 rating based on 272 ratings
Anti-Malware Security Features:
- Run a Complete Scan to automatically remove known security threats and backdoor scripts.
- Firewall block SoakSoak and other malware from exploiting Revolution Slider and other plugins from known vulnerabilites.
- Upgrade vulnerable versions of timthumb scripts.
- Download Definition Updates to protect against new threats.
10. WP Antivirus Site Protection
WP Antivirus Site Protection is the security plugin to prevent/detect and remove malicious viruses and suspicious codes. It detects backdoors, rootkits, trojan horses, worms, fraudtools, adware, spyware, hidden links, redirection and etc.
Active Installs: 5,000+
Average Rating: 4.0 rating based on 30 ratings
WP Antivirus Main Features:
- Deep scan of every file on your website.
- Daily update of the virus database.
- Heuristic Logic feature.
- Quarantine & Malware removal feature
- Alerts and Notifications in admin area and by email.
- Daily cron feature.
- Scanner can detect a wide list of malware types.
- Whitelist solution after manual review.
- Possibility to upload suspicious files to http://www.siteguarding.com server for review by experts.
- View Security reports online
11. AntiVirus for WordPress
Security plugin to protect your blog or website against exploits and spam injections.
Active Installs: 100,000+
Average Rating: 4.0 rating based on 19 ratings
AntiVirus Main Features
- Virus alert in the admin bar
- Cleaning up after plugin removal
- Translations into many languages
- Daily scan with email notifications
- Database tables and theme templates checks
- WordPress 3.x ready: both visually and technically
- Whitelist solution: Mark suspected cases as “no virus”
- Manual check of template files with alerts on suspected cases
- Optional: Google Safe Browsing for malware and phishing monitoring.
12. Quttera Web Malware Scanner
Active Installs: 5,000+
Average Rating: 4.0 rating based on 20 ratings
Quttera Main Features:
- One Click Scan
- Unknown Malware Detection
- External Links Detection
- Blacklist Status
- No Signatures or Patterns Updates
- Artificial Intelligence Scan Engine
- Cloud Technology
- Detail Investigation Report
13. Centrora Security™
Centrora Security is an all in one security plugin. Firewall, malware scanner, backup and file permissions are all integrated into one solution. It is a WordPress Firewall Security to protect your WordPress Sites from attacks and hacking. The built-in Malware and Security Scanner helps you identify any security risks, malicious codes, spam, virus, SQL injection, and security vulnerabilities.
Active Installs: 3,000+
Average Rating: 4.5 rating based on 23 ratings