{"id":64651,"date":"2021-01-21T09:20:15","date_gmt":"2021-01-21T14:20:15","guid":{"rendered":"https:\/\/www.inmotionhosting.com\/blog\/?p=64651"},"modified":"2024-08-20T17:22:49","modified_gmt":"2024-08-20T21:22:49","slug":"wordpress-security-plugins","status":"publish","type":"post","link":"https:\/\/www.inmotionhosting.com\/blog\/wordpress-security-plugins\/","title":{"rendered":"WordPress Security Plugins: 9 Signs One is Great"},"content":{"rendered":"\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"538\" src=\"https:\/\/www.inmotionhosting.com\/blog\/wp-content\/uploads\/2021\/01\/canva-wordpress-security-plugins-1024x538.jpg\" alt=\"WordPress Security Plugins: 9 Signs One is Great\" class=\"wp-image-64666\" srcset=\"https:\/\/www.inmotionhosting.com\/blog\/wp-content\/uploads\/2021\/01\/canva-wordpress-security-plugins-1024x538.jpg 1024w, https:\/\/www.inmotionhosting.com\/blog\/wp-content\/uploads\/2021\/01\/canva-wordpress-security-plugins-300x158.jpg 300w, https:\/\/www.inmotionhosting.com\/blog\/wp-content\/uploads\/2021\/01\/canva-wordpress-security-plugins-768x403.jpg 768w, https:\/\/www.inmotionhosting.com\/blog\/wp-content\/uploads\/2021\/01\/canva-wordpress-security-plugins-560x294.jpg 560w, https:\/\/www.inmotionhosting.com\/blog\/wp-content\/uploads\/2021\/01\/canva-wordpress-security-plugins.jpg 1200w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>There\u2019s a plugin for all types of functions: WordPress security, <a href=\"https:\/\/www.inmotionhosting.com\/blog\/what-is-mobile-seo\/\" target=\"_blank\" aria-label=\" (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"rank-math-link\">search engine optimization (SEO)<\/a>, <a href=\"https:\/\/www.inmotionhosting.com\/support\/website\/6-ways-to-improve-website-accessibility\/\" target=\"_blank\" aria-label=\" (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"rank-math-link\">accessibility<\/a>, expressing <a href=\"https:\/\/wordpress.org\/plugins\/hello-phil\/\" target=\"_blank\" aria-label=\" (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"rank-math-link\">Phil Collins<\/a> fandom, and even spawning <a href=\"https:\/\/wordpress.org\/plugins\/cornify-for-wordpress\/\" target=\"_blank\" aria-label=\" (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"rank-math-link\">unicorns<\/a>. Sticking with <a href=\"https:\/\/www.inmotionhosting.com\/blog\/ways-to-learn-more-about-cybersecurity\/\" target=\"_blank\" aria-label=\" (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"rank-math-link\">website security<\/a>, there are many attack vectors available to cyber criminals including:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a aria-label=\" (opens in a new tab)\" class=\"rank-math-link\" href=\"https:\/\/www.inmotionhosting.com\/support\/email\/scam-email-on-this-day-i-hacked-your-os\/\" target=\"_blank\" rel=\"noreferrer noopener\">Phishing<\/a><\/li>\n\n\n\n<li>Malware<\/li>\n\n\n\n<li>Misconfiguration<\/li>\n\n\n\n<li><a aria-label=\" (opens in a new tab)\" class=\"rank-math-link\" href=\"https:\/\/www.inmotionhosting.com\/blog\/how-strong-is-my-password-2021-password-tips-and-tricks\/\" target=\"_blank\" rel=\"noreferrer noopener\">Weak passwords<\/a><\/li>\n\n\n\n<li><a aria-label=\" (opens in a new tab)\" class=\"rank-math-link\" href=\"https:\/\/www.inmotionhosting.com\/blog\/ddos-attack-is-my-vps-protected\/\" target=\"_blank\" rel=\"noreferrer noopener\">Denial of service (DoS)<\/a><\/li>\n\n\n\n<li>Weak or lack of encryption<\/li>\n<\/ul>\n\n\n\n<p>Furthermore, your cyber risk can be increased by the plugins you use or having too many plugins. Either case can deteriorate overall performance and increase your <a aria-label=\" (opens in a new tab)\" class=\"rank-math-link\" href=\"https:\/\/cheatsheetseries.owasp.org\/cheatsheets\/Attack_Surface_Analysis_Cheat_Sheet.html\" target=\"_blank\" rel=\"noreferrer noopener\">attack surface<\/a>, the amount of ways an attacker can infiltrate a system. This is why it\u2019s best practice to carefully monitor plugin usage. Only install plugins that perform functions you can\u2019t do yourself in a more efficient manner.<\/p>\n\n\n\n<p>A fully-featured WordPress security plugin is one of them. Because breaches can be performed by people or automated bots, you need something that can help you proactively <a href=\"https:\/\/www.inmotionhosting.com\/support\/edu\/wordpress\/10-ways-to-secure-wordpress\/\" target=\"_blank\" aria-label=\" (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"rank-math-link\">secure data<\/a> so you spend less time <em>reacting<\/em> to intrusion attempts. Great security plugins pick up where server security stops. Below we\u2019ll cover:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a class=\"rank-math-link\" href=\"#what\">What WordPress Security Plugins Should Do<\/a>\n<ul class=\"wp-block-list\">\n<li><a class=\"rank-math-link\" href=\"#backup\">Backups<\/a><\/li>\n\n\n\n<li><a class=\"rank-math-link\" href=\"#mfa\">Multi-factor Authentication (MFA)<\/a><\/li>\n\n\n\n<li><a class=\"rank-math-link\" href=\"#geo\">Geo-blocking<\/a><\/li>\n\n\n\n<li><a class=\"rank-math-link\" href=\"#login\">Change Login Page<\/a><\/li>\n\n\n\n<li><a class=\"rank-math-link\" href=\"#enumeration\">Prevent User Enumeration<\/a><\/li>\n\n\n\n<li><a class=\"rank-math-link\" href=\"#antivirus\">Antivirus (AV) Scanning<\/a><\/li>\n\n\n\n<li><a class=\"rank-math-link\" href=\"#spam\">Spam Protection<\/a><\/li>\n\n\n\n<li><a class=\"rank-math-link\" href=\"#permission\">Permissions<\/a><\/li>\n\n\n\n<li><a class=\"rank-math-link\" href=\"#siem\">Security Information and Event Management (SIEM)<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><a class=\"rank-math-link\" href=\"#review\">Plugin Review<\/a>\n<ul class=\"wp-block-list\">\n<li><a class=\"rank-math-link\" href=\"#update\">Is it Updated?<\/a><\/li>\n\n\n\n<li><a class=\"rank-math-link\" href=\"#rep\">Reputation<\/a><\/li>\n\n\n\n<li><a class=\"rank-math-link\" href=\"#premium\">Premium or Free<\/a><\/li>\n\n\n\n<li><a class=\"rank-math-link\" href=\"#staging\">Test in Staging<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><a class=\"rank-math-link\" href=\"#best\">Best WordPress Security Plugins<\/a><\/li>\n<\/ul>\n\n\n\n<div style=\"height:25px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"what\">What WordPress Security Plugins Should Do<\/h2>\n\n\n\n<p>While reading, keep in mind that you may not find a single plugin that does all of these things well. We\u2019ll explain when this is the case along with reputable options, but you should read until the end to better understand what\u2019s best for <em>your needs<\/em>.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"backup\">Backups<\/h3>\n\n\n\n<p>Why is <a href=\"https:\/\/www.inmotionhosting.com\/blog\/backup-your-website\/\" target=\"_blank\" aria-label=\" (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"rank-math-link\"><em>backups<\/em><\/a> first on this list, you ask? Because nothing else below matters once a hacker gains unauthorized access inside your system. Some features such as log analysis and geo-blocking may slow them down. However, in most cases for a single <a href=\"https:\/\/www.inmotionhosting.com\/blog\/what-is-linux\/\" target=\"_blank\" aria-label=\" (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"rank-math-link\">Linux<\/a> web server, you\u2019re better off restoring a known backup and auditing your WordPress <a href=\"https:\/\/www.inmotionhosting.com\/blog\/8-free-cybersecurity-tools-to-secure-your-server\/\" target=\"_blank\" aria-label=\" (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"rank-math-link\">security measures<\/a>. Otherwise, they could just monitor your attempts to remove them in real-time and adjust their game plan accordingly.<\/p>\n\n\n\n<p>The best backup plugins will allow you to:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Create backups manually<\/li>\n\n\n\n<li>Download full WordPress backups<\/li>\n\n\n\n<li>Schedule backups at times of low traffic (usually night time)<\/li>\n<\/ul>\n\n\n\n<p>Because there are many important aspects within backups, it may be better to use a dedicated <a href=\"https:\/\/www.inmotionhosting.com\/blog\/finding-the-best-wordpress-plugin-for-backup-purposes\/\" target=\"_blank\" aria-label=\" (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"rank-math-link\">backup plugin<\/a> such as <a href=\"https:\/\/www.inmotionhosting.com\/support\/edu\/wordpress\/plugins\/total-upkeep\/\" target=\"_blank\" aria-label=\" (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"rank-math-link\">Total Upkeep<\/a> or <a href=\"https:\/\/www.inmotionhosting.com\/support\/edu\/wordpress\/plugins\/updraftplus-backup-plugin\/\" target=\"_blank\" aria-label=\" (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"rank-math-link\">UpdraftPlus<\/a>.<\/p>\n\n\n<div class=\"jumbotron\"><p><strong>Backup Manager is the Easiest Way To Protect Your Data<\/strong><\/p>\r\n<p>Stay ahead of unexpected website issues. Backup Manager automatically keeps your files, databases, and emails safe and recoverable.<\/p>\r\n<p><a class=\"btn btn-primary btn-lg\" href=\"https:\/\/www.inmotionhosting.com\/addons\/backup-manager?mktgp=t&irgwc=1&affiliates=5001860&utm_campaign=Jumbotron&utm_source=blog&utm_medium=cta&utm_term=backup-manager-cta1\">Get Backup Manager<\/a><\/p>\r\n<\/div>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"mfa\">Multi-factor Authentication (MFA)<\/h3>\n\n\n\n<p><a aria-label=\" (opens in a new tab)\" class=\"rank-math-link\" href=\"https:\/\/www.lifewire.com\/rainbow-tables-your-passwords-worst-nightmare-2487288\" target=\"_blank\" rel=\"noreferrer noopener\">Rainbow tables<\/a> are databases of passwords one can use for brute-force password attacks and learning how commonly a password is used. They\u2019re easy to find. The best white-hat example I know is <a aria-label=\" (opens in a new tab)\" class=\"rank-math-link\" href=\"https:\/\/haveibeenpwned.com\/Passwords\" target=\"_blank\" rel=\"noreferrer noopener\">HaveIBeenPwned.com<\/a> (HIBP) which allows you to see how many breaches included your email address, domain, and password.<\/p>\n\n\n\n<p><a href=\"https:\/\/www.inmotionhosting.com\/blog\/how-to-set-up-2-factor-authentication-for-wordpress\/\" target=\"_blank\" aria-label=\" (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"rank-math-link\">Two-factor authentication (TFA)<\/a> ensures that even if someone correctly guesses your WordPress username and password, they\u2019ll need access to a second attack vector to resume the attack. This is usually an email account or mobile device set up to receive time-based one-time passwords (TOTPs). TFA \/ MFA helps when password strength isn\u2019t high enough.<\/p>\n\n\n\n<p class=\"alert alert-warning\">Just remember to be conscious of <a href=\"https:\/\/www.techradar.com\/news\/multi-factor-authentication-systems-tricked-in-new-cyber-scam\" target=\"_blank\" aria-label=\" (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"rank-math-link\">MFA phishing scams<\/a>.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"geo\">Geo-blocking<\/h3>\n\n\n\n<p>MFA is stronger when you can also block login attempts based on IP address and geolocation. A firewall feature to authenticate <em>where you are<\/em> offers an alternative option from the common <a href=\"https:\/\/dis-blog.thalesgroup.com\/security\/2011\/09\/05\/three-factor-authentication-something-you-know-something-you-have-something-you-are\/\" target=\"_blank\" aria-label=\" (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"rank-math-link\">three-factor authentication<\/a> methods:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Something you know<\/li>\n\n\n\n<li>Something you have<\/li>\n\n\n\n<li>Something you are<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"login\">Change Login Page<\/h3>\n\n\n\n<p>WordPress malware usually target code \u201c\/wp-admin\u201d and \u201c\/wp-login\u201d because it\u2019s the default login page. A good WordPress security plugin will allow you to block these pages and IPs that attempt to access them. Then you can create a custom, obscure login URL instead. <a href=\"https:\/\/www.inmotionhosting.com\/support\/edu\/wordpress\/using-loginizer-to-protect-against-wordpress-brute-force-attacks\/\" target=\"_blank\" aria-label=\" (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"rank-math-link\">Loginizer<\/a> is popular for its focus on this feature.<\/p>\n\n\n<div class=\"wp-block-image is-resized\">\n<figure class=\"alignright size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"866\" height=\"661\" src=\"https:\/\/www.inmotionhosting.com\/blog\/wp-content\/uploads\/2021\/01\/wordpress-login-errors.png\" alt=\"WordPress login page errors\" class=\"wp-image-64655\" srcset=\"https:\/\/www.inmotionhosting.com\/blog\/wp-content\/uploads\/2021\/01\/wordpress-login-errors.png 866w, https:\/\/www.inmotionhosting.com\/blog\/wp-content\/uploads\/2021\/01\/wordpress-login-errors-300x229.png 300w, https:\/\/www.inmotionhosting.com\/blog\/wp-content\/uploads\/2021\/01\/wordpress-login-errors-768x586.png 768w, https:\/\/www.inmotionhosting.com\/blog\/wp-content\/uploads\/2021\/01\/wordpress-login-errors-560x427.png 560w\" sizes=\"auto, (max-width: 866px) 100vw, 866px\" \/><figcaption class=\"wp-element-caption\">WordPress login errors can expose user information<\/figcaption><\/figure>\n<\/div>\n\n\n<h3 class=\"wp-block-heading\" id=\"enumeration\">Prevent User Enumeration<\/h3>\n\n\n\n<p><strong>User enumeration<\/strong> is an attempt to discover login usernames. The easiest way to do this in WordPress is with author pages (\/?author=[number]) and REST API. There are ways to <a href=\"https:\/\/www.getastra.com\/blog\/cms\/wordpress-security\/stop-user-enumeration\/\" target=\"_blank\" aria-label=\" (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"rank-math-link\">prevent user enumeration without plugins<\/a>, so this feature isn\u2019t a must-have. However, a WordPress security plugin that makes this easier and redirects attempts to a <a href=\"https:\/\/www.inmotionhosting.com\/blog\/automatic-404-page-redirects\/\" target=\"_blank\" aria-label=\" (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"rank-math-link\">404 page<\/a> deserves consideration.<\/p>\n\n\n\n<p>Bonus points if the WordPress security plugin removes the login error notification which verifies if an username exists.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"antivirus\">Antivirus (AV) Scanning<\/h3>\n\n\n\n<p>Even if you take measures to <a href=\"https:\/\/www.inmotionhosting.com\/blog\/6-ways-to-secure-your-web-activity-from-your-computer\/\" target=\"_blank\" aria-label=\" (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"rank-math-link\">secure your PC<\/a>, your <a href=\"https:\/\/www.inmotionhosting.com\/support\/edu\/software\/antivirus-software-list\/\" target=\"_blank\" aria-label=\" (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"rank-math-link\">AV scanner<\/a> may not catch everything. Others with access to upload files to your website may not have a file scanner at all. A WordPress security scanner can compliment or even supersede your <a aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.inmotionhosting.com\/support\/security\/clamav-or-imunifyav\/\" target=\"_blank\" rel=\"noreferrer noopener\" class=\"rank-math-link\">server AV scanner<\/a> if it can:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Do integrity checks with file change management (usually via <a aria-label=\" (opens in a new tab)\" class=\"rank-math-link\" href=\"https:\/\/www.inmotionhosting.com\/support\/security\/reasons-your-checksum-doesnt-match-the-original\/\" target=\"_blank\" rel=\"noreferrer noopener\">checksum<\/a>)&nbsp;<\/li>\n\n\n\n<li>Quarantine suspicious files and repair WordPress core files<\/li>\n\n\n\n<li>Ignore files that are modified regularly<\/li>\n\n\n\n<li>Display history of results for past scans<\/li>\n\n\n\n<li>Schedule scans at times when backups aren\u2019t taking place and server load is still low&nbsp;<\/li>\n<\/ul>\n\n\n\n<p>Similar to backups, it may be beneficial to install a dedicated scanner plugin such as <a href=\"https:\/\/www.inmotionhosting.com\/support\/edu\/wordpress\/wordpress-vulnerabilities-wpscan\/\" target=\"_blank\" aria-label=\" (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"rank-math-link\">WPScan<\/a>. It connects with <a href=\"https:\/\/wpvulndb.com\/\" target=\"_blank\" aria-label=\" (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"rank-math-link\">WPvulnDB.com<\/a> to gather related vulnerability reports from various sources including <a href=\"https:\/\/cve.mitre.org\/about\/\" target=\"_blank\" aria-label=\" (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"rank-math-link\">Common Vulnerabilities and Exposures (CVE)<\/a>.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"spam\">Spam Protection<\/h3>\n\n\n\n<p><a aria-label=\" (opens in a new tab)\" class=\"rank-math-link\" href=\"https:\/\/www.inmotionhosting.com\/blog\/how-to-get-rid-of-spam-comments-on-your-wordpress-blog\/\" target=\"_blank\" rel=\"noreferrer noopener\">Comments<\/a>, <a aria-label=\" (opens in a new tab)\" class=\"rank-math-link\" href=\"https:\/\/www.inmotionhosting.com\/support\/edu\/wordpress\/how-to-use-contact-form-7-to-add-a-form\/\" target=\"_blank\" rel=\"noreferrer noopener\">contact forms<\/a>, and <a aria-label=\" (opens in a new tab)\" class=\"rank-math-link\" href=\"https:\/\/www.inmotionhosting.com\/support\/edu\/wordpress\/plugins\/bbpress\/\" target=\"_blank\" rel=\"noreferrer noopener\">forums<\/a> are easy ways to embed malicious code if there\u2019s no <a aria-label=\" (opens in a new tab)\" class=\"rank-math-link\" href=\"https:\/\/cheatsheetseries.owasp.org\/cheatsheets\/Input_Validation_Cheat_Sheet.html\" target=\"_blank\" rel=\"noreferrer noopener\">data input validation<\/a>. Akismet and the native comment moderation options are good. The ability to add reCAPTCHA or hCaptcha without a standalone plugin: better.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"permission\">Permissions<\/h3>\n\n\n\n<p>This is a rare feature, but some plugins allow you to adjust file permissions for files at the root level of your site without logging into Secure Shell (<a aria-label=\" (opens in a new tab)\" class=\"rank-math-link\" href=\"https:\/\/www.inmotionhosting.com\/support\/security\/changing-permissions-and-ownership\/\" target=\"_blank\" rel=\"noreferrer noopener\">SSH<\/a>) or <a aria-label=\" (opens in a new tab)\" class=\"rank-math-link\" href=\"https:\/\/www.inmotionhosting.com\/support\/edu\/cpanel\/change-file-permissions\/\" target=\"_blank\" rel=\"noreferrer noopener\">cPanel<\/a>. The benefit here is you can restrict files from bad user agents as a <a aria-label=\" (opens in a new tab)\" class=\"rank-math-link\" href=\"https:\/\/www.pcmag.com\/encyclopedia\/term\/mandatory-access-control\" target=\"_blank\" rel=\"noreferrer noopener\">mandatory access control (MAC)<\/a>.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"siem\">Security Information and Event Management (SIEM)&nbsp;<\/h3>\n\n\n\n<p>Finally, your WordPress security suite should include <a href=\"https:\/\/www.inmotionhosting.com\/support\/security\/install-splunk\/\" target=\"_blank\" aria-label=\" (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"rank-math-link\">log analysis<\/a> features for tracking changes related to the features mentioned above. This is separate from <a aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.inmotionhosting.com\/support\/website\/analytics\/choose-the-best-analytics-tool\/\" target=\"_blank\" rel=\"noreferrer noopener\" class=\"rank-math-link\">web analytics<\/a> applications and <a aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.inmotionhosting.com\/support\/edu\/wordpress\/plugins\/matomo-analytics\/\" target=\"_blank\" rel=\"noreferrer noopener\" class=\"rank-math-link\">plugins<\/a> which primarily track visitor actions on your website.<\/p>\n\n\n\n<p><a href=\"https:\/\/www.inmotionhosting.com\/blog\/what-is-high-availability\/\">High-Availability (HA)<\/a> simply means <em>not completely fault tolerant<\/em>. If there\u2019s an issue on your web server, your <a aria-label=\" (opens in a new tab)\" class=\"rank-math-link\" href=\"https:\/\/www.inmotionhosting.com\/support\/website\/why-is-my-website-down\/\" target=\"_blank\" rel=\"noreferrer noopener\">website might go down<\/a>. You have an issue that needs attention if your website constantly goes down with the infamous WordPress error:&nbsp;<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p><em>Error establishing a database connection<\/em><\/p>\n<\/blockquote>\n\n\n\n<p>You can resolve this by setting your wp-config.php file to auto-repair the database automatically. However, you should track when and how often this and similar issues happen to determine patterns that lead to downtime. This can help you decide whether you need to clean your database, upgrade your web hosting plan, or <a href=\"https:\/\/www.inmotionhosting.com\/blog\/top-5-best-wordpress-caching-plugins\/\" target=\"_blank\" aria-label=\" (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"rank-math-link\">configure caching<\/a>.<\/p>\n\n\n\n<p>Your WordPress security plugin should have the ability to alert you via email stating:&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>When your site went down<\/li>\n\n\n\n<li>When it came back up<\/li>\n\n\n\n<li>How long it was down<\/li>\n\n\n\n<li>A brief explanation of why it might be down<\/li>\n<\/ul>\n\n\n\n<p>Depending on the error, you may need to adjust caching settings, contact your hosting provider about DoS attacks, or take other proactive measures to secure your data.<\/p>\n\n\n<div class=\"jumbotron\">\r\n<p>Say goodbye to slow loading times and hello to high-performance websites with our new <a href=\"https:\/\/www.inmotionhosting.com\/wordpress-hosting\/managed-wordpress\">WordPress VPS Hosting<\/a> plans. Experience 40x faster WordPress page load speeds on purpose-built servers that guarantee 99.99% uptime.<\/p>\r\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/design.inmotionhosting.com\/assets\/icons\/standard\/check-blue.svg\" alt=\"check mark\" width=\"24\" height=\"24\" \/>High-Performance VPS    <img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/design.inmotionhosting.com\/assets\/icons\/standard\/check-blue.svg\" alt=\"check mark\" width=\"24\" height=\"24\" \/>Fully-Managed Support    <img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/design.inmotionhosting.com\/assets\/icons\/standard\/check-blue.svg\" alt=\"check mark\" width=\"24\" height=\"24\" \/>Free SSL &amp; Dedicated IP    <img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/design.inmotionhosting.com\/assets\/icons\/standard\/check-blue.svg\" alt=\"check mark\" width=\"24\" height=\"24\" \/>Advanced Server Caching<\/p>\r\n<p><a class=\"btn btn-primary btn-lg\" href=\"https:\/\/www.inmotionhosting.com\/wordpress-hosting\/managed-wordpress\">Managed WordPress<\/a><\/p>\r\n<\/div>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"review\">Plugin Review<\/h2>\n\n\n\n<p>Here are a few factors to consider when browsing WordPress security plugins.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"update\">Is it Updated?<\/h3>\n\n\n\n<p>When reviewing WordPress security plugin pages, check the \u201cLast updated\u201d and \u201cTested up to\u201d lines. <a href=\"https:\/\/wordpress.org\/plugins\/wp-content-security-policy\/\" target=\"_blank\" aria-label=\" (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"rank-math-link\">WP Content Security Plugin<\/a> allows you to create a CSP HTTP header. However, as of January 2021 the plugin page states:<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p><em>This plugin <\/em><strong><em>hasn\u2019t been tested with the latest 3 major releases of WordPress<\/em><\/strong><em>. It may no longer be maintained or supported and may have compatibility issues when used with more recent versions of WordPress.<\/em><\/p>\n<\/blockquote>\n\n\n\n<p>That\u2019s potentially three versions worth of WordPress core security vulnerabilities, and the benefits aren\u2019t worth them. In this case, you should use the <a href=\"https:\/\/www.inmotionhosting.com\/support\/edu\/wordpress\/plugins\/http-headers-security\/\" target=\"_blank\" aria-label=\" (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"rank-math-link\">HTTP Headers<\/a> plugin instead.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"rep\">Reputation&nbsp;<\/h3>\n\n\n\n<p>How many active installations does the plugin have? What do the reviews say? How many topics in the forums are <em>resolved<\/em> or at least answered? These factors help determine if the developer actively maintains the plugin.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"premium\">Premium or Free<\/h3>\n\n\n\n<p>If a WordPress security plugin has both a free and premium version, this should mean the developer is being compensated well enough to maintain both versions for a long time. Since there are great security plugins available for free, the question becomes: <em>what\u2019s special about the paid version of a plugin?<\/em><\/p>\n\n\n\n<p>Premium features might include:&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Malware cleanup support<\/li>\n\n\n\n<li>Incident response assistance after a hack<\/li>\n\n\n\n<li>In-depth security audit<\/li>\n\n\n\n<li>Faster updates for AV signatures<\/li>\n<\/ul>\n\n\n\n<p>Then, you have to ask how much can you trust the development team with your personally identifiable information (PII), debit card info, and private data. Furthermore, you may already have a subscription to handle this such as the <a href=\"https:\/\/www.inmotionhosting.com\/sucuri\" target=\"_blank\" aria-label=\" (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"rank-math-link\">Sucuri<\/a> web application firewall (WAF).<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"staging\">Test in Staging<\/h3>\n\n\n\n<p>The best and safest place to do a plugin review is in a <a aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.inmotionhosting.com\/support\/edu\/wordpress\/duplicate-wordpress-site-for-testing\/\" target=\"_blank\" rel=\"noreferrer noopener\" class=\"rank-math-link\">staging site<\/a> or<a aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.inmotionhosting.com\/support\/product-guides\/wordpress-hosting\/local-development-environment-wordpress\/\" target=\"_blank\" rel=\"noreferrer noopener\" class=\"rank-math-link\"> local development environment<\/a>. If you don\u2019t have one of those, test the plugin during downtime or a scheduled <a aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.inmotionhosting.com\/support\/edu\/wordpress\/enabling-wordpress-maintenance-mode\/\" target=\"_blank\" rel=\"noreferrer noopener\" class=\"rank-math-link\">maintenance session<\/a>. Check if the plugin conflicts with other plugins you\u2019ve installed:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Page elements not behaving as intended<\/li>\n\n\n\n<li>\u201cWhite page of death\u201d<\/li>\n\n\n\n<li>Obscure errors<\/li>\n<\/ul>\n\n\n\n<p>You can resolve issues privately before integrating it on your live site.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"best\">Best WordPress Security Plugins<\/h2>\n\n\n\n<p class=\"alert alert-info\">In general, you shouldn\u2019t use more than one WordPress security plugin. However, as mentioned with scanners and backup managers, it can be beneficial to use multiple plugins that enhance security but in unrelated ways.<\/p>\n\n\n\n<p><a href=\"https:\/\/www.inmotionhosting.com\/support\/edu\/wordpress\/wp-cerber-security-hardening-options\/\" target=\"_blank\" aria-label=\" (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"rank-math-link\"><strong>Cerber Security<\/strong><\/a> \u2014 Formerly known as WP Cerber, the free version covers hardening features covered above and more. That includes <a href=\"https:\/\/www.inmotionhosting.com\/support\/email\/wp-cerber-security-antispam-bot-detection-settings\/\" target=\"_blank\" aria-label=\" (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"rank-math-link\">antispam, reCAPTCHA<\/a>, <a href=\"https:\/\/www.inmotionhosting.com\/support\/edu\/wordpress\/wp-cerber-security-site-integrity\/\" target=\"_blank\" aria-label=\" (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"rank-math-link\">scans<\/a>, and much more. You get expected features in the <a href=\"https:\/\/wpcerber.com\/\" target=\"_blank\" aria-label=\" (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"rank-math-link\">paid version<\/a>.<\/p>\n\n\n\n<p><a href=\"https:\/\/www.inmotionhosting.com\/support\/edu\/wordpress\/plugins\/wordfence\/\" target=\"_blank\" aria-label=\" (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"rank-math-link\"><strong>Wordfence<\/strong><\/a> \u2014 This plugin covers the same features as Cerber Security but with a more user-friendly interface. You get expected features and real-time updates to blacklist and firewall settings in the <a href=\"https:\/\/www.wordfence.com\/wordfence-signup\/\" target=\"_blank\" aria-label=\" (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"rank-math-link\">paid version<\/a>.<\/p>\n\n\n\n<p><a href=\"https:\/\/wordpress.org\/plugins\/vaultpress\/\" target=\"_blank\" aria-label=\" (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"rank-math-link\"><strong>VaultPress<\/strong><\/a> \u2014 This plugin is a paid security and backup plugin popular for ease of use. The menus and screens are simple to navigate for non-technical users. However, this is not a great choice for <a href=\"https:\/\/www.inmotionhosting.com\/blog\/wordpress-multisite-backup-plugins\/\" target=\"_blank\" aria-label=\" (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"rank-math-link\">multisite<\/a> (MU) for two reasons. First, each site requires a separate license purchase. Second, the plugin only backs up common files when it is dealing with a network with multiple sites.<\/p>\n\n\n\n<p><a href=\"https:\/\/www.inmotionhosting.com\/support\/edu\/wordpress\/plugins\/installing-wordpress-jetpack-plugin\/\" target=\"_blank\" aria-label=\" (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"rank-math-link\"><strong>Jetpack<\/strong><\/a> \u2014 Not only does Jetpack integrate with <a href=\"https:\/\/www.inmotionhosting.com\/support\/edu\/wordpress\/plugins\/using-the-backups-and-security-within-jetpack-professional\/\" target=\"_blank\" aria-label=\" (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"rank-math-link\">VaultPress<\/a>, but it\u2019s also a great option for many different functions. Jetpack can help you create and design your site, optimize it for mobile customers, and keep it secure. On the security end, Jetpack is great for <a href=\"https:\/\/www.inmotionhosting.com\/support\/edu\/wordpress\/how-to-enable-brute-force-protection-in-jetpack\/\" target=\"_blank\" aria-label=\" (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"rank-math-link\">stopping brute force attacks<\/a> and will also inform you of website downtime which you can then monitor to see if it is because of server issues or an actual hack.<\/p>\n\n\n\n<p><a href=\"https:\/\/www.inmotionhosting.com\/support\/website\/how-to-secure-your-website-with-sucuri-for-wordpress-hosting\/\" target=\"_blank\" aria-label=\" (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"rank-math-link\"><strong>Sucuri Security<\/strong><\/a> \u2014 One of the features that make this such a great choice is that it allows you to continuously (and remotely) scan for malware issues on your website. Unlike many plugins, it also provides you with actions that you can take if a hacker manages to get through.<\/p>\n\n\n\n<p><a href=\"https:\/\/www.inmotionhosting.com\/support\/edu\/wordpress\/how-to-setup-bbq-block-bad-queries-on-wordpress\/\" target=\"_blank\" aria-label=\" (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"rank-math-link\"><strong>BBQ Firewall<\/strong><\/a> \u2014 Formerly known as \u201cBlock Bad Queries,\u201d it simply blocks malicious requests such as URLs including SQL injections and executables (.exe)<em>.<\/em> It works well with other security suites but may be unnecessary depending on your primary security plugin.<\/p>\n\n\n\n<p><a aria-label=\" (opens in a new tab)\" class=\"rank-math-link\" href=\"https:\/\/www.inmotionhosting.com\/support\/edu\/wordpress\/plugins\/http-headers-security\/\" target=\"_blank\" rel=\"noreferrer noopener\"><strong>HTTP Headers<\/strong><\/a> \u2014 As mentioned before, this plugin helps you create and manage HTTP headers to improve security, privacy, and performance without needing to edit the <a href=\"https:\/\/www.inmotionhosting.com\/support\/edu\/wordpress\/easy-wordpress-hardening-in-the-htaccess-file\/\">.htaccess file<\/a>. Like BBQ Firewall, it works seamlessly with other security plugins. To negate the purpose of this plugin, you\u2019d need to modify your .htaccess file manually.<\/p>\n\n\n\n<p>My recommendation:&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Install Cerber Security or Wordfence<\/li>\n\n\n\n<li>Install Total Upkeep or another <a aria-label=\" (opens in a new tab)\" class=\"rank-math-link\" href=\"https:\/\/www.inmotionhosting.com\/support\/edu\/wordpress\/plugins\/recommended-wordpress-backup-plugins\/\" target=\"_blank\" rel=\"noreferrer noopener\">backup plugin<\/a><\/li>\n\n\n\n<li>Schedule <a href=\"https:\/\/www.inmotionhosting.com\/support\/edu\/cpanel\/cpanel-backups\/\">cPanel backups<\/a> and\/or <a href=\"https:\/\/www.inmotionhosting.com\/support\/product-guides\/vps-hosting\/snapshots\/\">snapshots<\/a> depending on your server environment<\/li>\n\n\n\n<li>Install the HTTP Headers plugin and configure all the security HTTP headers<\/li>\n\n\n\n<li>Ensure you\u2019re using the latest <a href=\"https:\/\/www.inmotionhosting.com\/support\/website\/how-to-change-the-php-version-your-account-uses\/\">PHP version<\/a> and prepare for <a href=\"https:\/\/www.inmotionhosting.com\/blog\/php-8-whats-new\/\">PHP 8<\/a><\/li>\n\n\n\n<li>Find a way to integrate <a href=\"https:\/\/www.inmotionhosting.com\/support\/product-guides\/vps-hosting\/dnssec-managed-vps-dedicated\/\">DNS security extensions (DNSSEC)<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/www.inmotionhosting.com\/support\/email\/strengthen-overall-email-authentication\/\">Enhance email authentication<\/a><\/li>\n\n\n\n<li>Implement <a href=\"https:\/\/www.inmotionhosting.com\/support\/edu\/cpanel\/how-to-add-a-bimi-record-in-cpanel\/\">Brand Indicators for Message Identification (BIMI)<\/a><\/li>\n<\/ul>\n\n\n\n<p>Read more about <a href=\"https:\/\/www.inmotionhosting.com\/support\/edu\/wordpress\/plugins\/recommended-security-plugins\/\" target=\"_blank\" aria-label=\" (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"rank-math-link\">recommended WordPress security plugins<\/a>. Or learn about other possibilities from our other <a href=\"https:\/\/www.inmotionhosting.com\/support\/edu\/wordpress\/\" target=\"_blank\" aria-label=\" (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"rank-math-link\">WordPress tutorials<\/a>.<\/p>\n\n\n<div class=\"jumbotron\">\r\n<!-- wp:columns {} -->\r\n<div class=\"wp-block-columns\"><!-- wp:column {\"verticalAlignment\":\"center\",\"width\":\"50%\"} -->\r\n<div class=\"wp-block-column is-vertically-aligned-center\" style=\"flex-basis:50%\"><!-- wp:image {\"id\":67902,\"sizeSlug\":\"large\",\"linkDestination\":\"none\"} -->\r\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/www.inmotionhosting.com\/wp-content\/uploads\/2023\/08\/Ultimate-Guide-Cover-and-spread-mockup.png\" alt=\"Ultimate Guide to High Performance WordPress Sites\" class=\"\" style=\"padding:0 20px 0 0;\"\/><\/figure>\r\n<!-- \/wp:image --><\/div>\r\n<!-- \/wp:column -->\r\n\r\n<!-- wp:column {\"verticalAlignment\":\"center\",\"width\":\"50%\"} -->\r\n<div class=\"wp-block-column is-vertically-aligned-center\" style=\"flex-basis:50%\"><!-- wp:html -->\r\n<script charset=\"utf-8\" type=\"text\/javascript\" src=\"\/\/js.hsforms.net\/forms\/embed\/v2.js\"><\/script>\r\n<script>\r\n  hbspt.forms.create({\r\n    region: \"na1\",\r\n    portalId: \"5297785\",\r\n    formId: \"dd5d3d51-1469-4006-bd9b-b3c5e55e718d\"\r\n  });\r\n<\/script>\r\n<!-- \/wp:html --><br><\/div>\r\n<!-- \/wp:column --><\/div>\r\n<!-- \/wp:columns -->\r\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>There\u2019s a plugin for all types of functions: WordPress security, search engine optimization (SEO), accessibility, expressing Phil Collins fandom, and even spawning unicorns. Sticking with website security, there are many attack vectors available to cyber criminals including: Furthermore, your cyber risk can be increased by the plugins you use or having too many plugins. Either<a class=\"moretag\" href=\"https:\/\/www.inmotionhosting.com\/blog\/wordpress-security-plugins\/\"> Read More ><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[371,211],"tags":[],"class_list":["post-64651","post","type-post","status-publish","format-standard","hentry","category-security","category-wordpress"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.2 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>WordPress Security Plugins: 9 Signs One is Great | InMotion Hosting<\/title>\n<meta name=\"description\" content=\"It\u2019s important to integrate WordPress security measures regardless of what\u2019s on your server. Learn how to choose the best options for you.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.inmotionhosting.com\/blog\/wordpress-security-plugins\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"WordPress Security Plugins: 9 Signs One is Great | InMotion Hosting\" \/>\n<meta property=\"og:description\" content=\"It\u2019s important to integrate WordPress security measures regardless of what\u2019s on your server. Learn how to choose the best options for you.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.inmotionhosting.com\/blog\/wordpress-security-plugins\/\" \/>\n<meta property=\"og:site_name\" content=\"InMotion Hosting Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/inmotionhosting\" \/>\n<meta property=\"article:published_time\" content=\"2021-01-21T14:20:15+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-08-20T21:22:49+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.inmotionhosting.com\/blog\/wp-content\/uploads\/2021\/01\/canva-wordpress-security-plugins.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"630\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"InMotion Hosting\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@inmotionhosting\" \/>\n<meta name=\"twitter:site\" content=\"@inmotionhosting\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"InMotion Hosting\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"9 minutes\" \/>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"WordPress Security Plugins: 9 Signs One is Great | InMotion Hosting","description":"It\u2019s important to integrate WordPress security measures regardless of what\u2019s on your server. Learn how to choose the best options for you.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.inmotionhosting.com\/blog\/wordpress-security-plugins\/","og_locale":"en_US","og_type":"article","og_title":"WordPress Security Plugins: 9 Signs One is Great | InMotion Hosting","og_description":"It\u2019s important to integrate WordPress security measures regardless of what\u2019s on your server. Learn how to choose the best options for you.","og_url":"https:\/\/www.inmotionhosting.com\/blog\/wordpress-security-plugins\/","og_site_name":"InMotion Hosting Blog","article_publisher":"https:\/\/www.facebook.com\/inmotionhosting","article_published_time":"2021-01-21T14:20:15+00:00","article_modified_time":"2024-08-20T21:22:49+00:00","og_image":[{"width":1200,"height":630,"url":"https:\/\/www.inmotionhosting.com\/blog\/wp-content\/uploads\/2021\/01\/canva-wordpress-security-plugins.jpg","type":"image\/jpeg"}],"author":"InMotion Hosting","twitter_card":"summary_large_image","twitter_creator":"@inmotionhosting","twitter_site":"@inmotionhosting","twitter_misc":{"Written by":"InMotion Hosting","Est. reading time":"9 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"TechArticle","@id":"https:\/\/www.inmotionhosting.com\/blog\/wordpress-security-plugins\/#article","isPartOf":{"@id":"https:\/\/www.inmotionhosting.com\/blog\/wordpress-security-plugins\/"},"author":{"name":"InMotion Hosting","@id":"https:\/\/www.inmotionhosting.com\/blog\/#\/schema\/person\/f21a89c83c7697a760c96cfe58e646bc"},"headline":"WordPress Security Plugins: 9 Signs One is Great","datePublished":"2021-01-21T14:20:15+00:00","dateModified":"2024-08-20T21:22:49+00:00","mainEntityOfPage":{"@id":"https:\/\/www.inmotionhosting.com\/blog\/wordpress-security-plugins\/"},"wordCount":1976,"commentCount":0,"publisher":{"@id":"https:\/\/www.inmotionhosting.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.inmotionhosting.com\/blog\/wordpress-security-plugins\/#primaryimage"},"thumbnailUrl":"https:\/\/www.inmotionhosting.com\/blog\/wp-content\/uploads\/2021\/01\/canva-wordpress-security-plugins-1024x538.jpg","articleSection":["Security","WordPress Articles"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.inmotionhosting.com\/blog\/wordpress-security-plugins\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.inmotionhosting.com\/blog\/wordpress-security-plugins\/","url":"https:\/\/www.inmotionhosting.com\/blog\/wordpress-security-plugins\/","name":"WordPress Security Plugins: 9 Signs One is Great | InMotion Hosting","isPartOf":{"@id":"https:\/\/www.inmotionhosting.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.inmotionhosting.com\/blog\/wordpress-security-plugins\/#primaryimage"},"image":{"@id":"https:\/\/www.inmotionhosting.com\/blog\/wordpress-security-plugins\/#primaryimage"},"thumbnailUrl":"https:\/\/www.inmotionhosting.com\/blog\/wp-content\/uploads\/2021\/01\/canva-wordpress-security-plugins-1024x538.jpg","datePublished":"2021-01-21T14:20:15+00:00","dateModified":"2024-08-20T21:22:49+00:00","description":"It\u2019s important to integrate WordPress security measures regardless of what\u2019s on your server. Learn how to choose the best options for you.","breadcrumb":{"@id":"https:\/\/www.inmotionhosting.com\/blog\/wordpress-security-plugins\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.inmotionhosting.com\/blog\/wordpress-security-plugins\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.inmotionhosting.com\/blog\/wordpress-security-plugins\/#primaryimage","url":"https:\/\/www.inmotionhosting.com\/blog\/wp-content\/uploads\/2021\/01\/canva-wordpress-security-plugins.jpg","contentUrl":"https:\/\/www.inmotionhosting.com\/blog\/wp-content\/uploads\/2021\/01\/canva-wordpress-security-plugins.jpg","width":1200,"height":630,"caption":"WordPress Security Plugins: 9 Signs One is Great"},{"@type":"BreadcrumbList","@id":"https:\/\/www.inmotionhosting.com\/blog\/wordpress-security-plugins\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.inmotionhosting.com\/blog\/"},{"@type":"ListItem","position":2,"name":"WordPress Articles","item":"https:\/\/www.inmotionhosting.com\/blog\/wordpress\/"},{"@type":"ListItem","position":3,"name":"WordPress Security Plugins: 9 Signs One is Great"}]},{"@type":"WebSite","@id":"https:\/\/www.inmotionhosting.com\/blog\/#website","url":"https:\/\/www.inmotionhosting.com\/blog\/","name":"InMotion Hosting Blog","description":"Web Hosting Strategy, Trends and Security","publisher":{"@id":"https:\/\/www.inmotionhosting.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.inmotionhosting.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.inmotionhosting.com\/blog\/#organization","name":"InMotion Hosting","url":"https:\/\/www.inmotionhosting.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.inmotionhosting.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.inmotionhosting.com\/blog\/wp-content\/uploads\/2019\/11\/imh-logo-all-colors-big.jpg","contentUrl":"https:\/\/www.inmotionhosting.com\/blog\/wp-content\/uploads\/2019\/11\/imh-logo-all-colors-big.jpg","width":1630,"height":430,"caption":"InMotion Hosting"},"image":{"@id":"https:\/\/www.inmotionhosting.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/inmotionhosting","https:\/\/x.com\/inmotionhosting"]},{"@type":"Person","@id":"https:\/\/www.inmotionhosting.com\/blog\/#\/schema\/person\/f21a89c83c7697a760c96cfe58e646bc","name":"InMotion Hosting","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/eb965eada0c0513dd2e1976b21fe270fa4f19ac273960fc080f9d46b81b353a4?s=96&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/eb965eada0c0513dd2e1976b21fe270fa4f19ac273960fc080f9d46b81b353a4?s=96&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/eb965eada0c0513dd2e1976b21fe270fa4f19ac273960fc080f9d46b81b353a4?s=96&r=g","caption":"InMotion Hosting"},"url":"https:\/\/www.inmotionhosting.com\/blog\/author\/imhmainadmin\/"}]}},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"primary_category":{"id":211,"name":"WordPress Articles","slug":"wordpress","link":"https:\/\/www.inmotionhosting.com\/blog\/wordpress\/"},"_links":{"self":[{"href":"https:\/\/www.inmotionhosting.com\/blog\/wp-json\/wp\/v2\/posts\/64651","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.inmotionhosting.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.inmotionhosting.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.inmotionhosting.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.inmotionhosting.com\/blog\/wp-json\/wp\/v2\/comments?post=64651"}],"version-history":[{"count":22,"href":"https:\/\/www.inmotionhosting.com\/blog\/wp-json\/wp\/v2\/posts\/64651\/revisions"}],"predecessor-version":[{"id":76728,"href":"https:\/\/www.inmotionhosting.com\/blog\/wp-json\/wp\/v2\/posts\/64651\/revisions\/76728"}],"wp:attachment":[{"href":"https:\/\/www.inmotionhosting.com\/blog\/wp-json\/wp\/v2\/media?parent=64651"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.inmotionhosting.com\/blog\/wp-json\/wp\/v2\/categories?post=64651"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.inmotionhosting.com\/blog\/wp-json\/wp\/v2\/tags?post=64651"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}