After exerting all your time and perhaps money, into your WordPress website or blog,  now you have to  secure and protect it from outside enemies and general bad guys: hackers, spammers and all round tossers.

If you are novice to WordPress Development knowledge then your best option is to download and install plugins. They are easy to install and manage and will have the power and security you could ever hope for. Of course, no plugin is powerful enough to protect the wordpress website from everything, we can only minimize the possible intrusions. Below, we have some plugins that will help you to protect your WordPress installation.

1) WP Security Scan



WP Plugin Link: http://wordpress.org/extend/plugins/wp-security-scan/

Description: This plugin scans your WordPress installation to check for security vulnerabilities and proposes corrective actions that are passwords, file permissions, database security, version hiding, WordPress admin protection/security.  WP Generator META tag is removed from core code.

2) Secure WordPress

WP Plugin Link: http://wordpress.org/extend/plugins/secure-wordpress/

Description: It secures your WordPress installation by removing the  Error information on login page; adds index.html to plugin directory; removes the wp-version, except in admin area. It removes  core update information, plugin-update information, theme-update information for the non-admins. It also hides the wp-version in backend-dashboard for the non-admins and block bad queries.

This plugin requires the web server, Apache, and web host support for .htaccess files.

3) Chap Secure Login

Link: http://wordpress.org/extend/plugins/chap-secure-login/

Description: When you login into your website, you can use this plugin to encrypt your password and transmit. The encryption process of the password is done by the Chap protocol.  This plugin is particularly useful when you cannot use ssl or any other kinds of secure protocols. By activating the ChapSecureLogin plugin,  only the username is transmitted unencrypted.

4) Invisible Defender

Plugin Link: http://wordpress.org/extend/plugins/invisible-defender/

Description: This plugin secures registration, login and comment forms from spambots by adding two more extra fields hidden by CSS. This plugin can also provide 100% anti-spam protection on the wordpress websites.

5) AskApache Password Protect

Plugin Link: http://wordpress.org/extend/plugins/askapache-password-protect/

Description: This WordPress plugin doesn't control WordPress or mess with your database. But it makes use of  fast,  built-in Security features to add multiple layers of security to your blog. This plugin is designed and regularly updated to stop automated and unskilled attackers attempts to exploit vulnerabilities on your blog resulting in a hacked site.

6) Admin SSL

Link: http://wordpress.org/extend/plugins/admin-ssl-secure-admin/

Description:This WordPress plugin forces SSL on all pages where passwords can be entered and it works well with both Private SSl and Shared SSL. Through the config page custom additional URLs can be secured. You can also choose where you want the Admin SSL config page to appear. It works on Wordpress versions 2.2-2.7 and not on previous versions.

7) HTTP Authentication

Plugin Link: http://wordpress.org/extend/plugins/http-authentication/

Description: The HTTP Authentication plugin facilitates you to use existing means of authenticating people to WordPress. This plugin includes Apache's basic HTTP authentication module and many others.

8 ) Login LockDown

Plugin Link: http://wordpress.org/extend/plugins/login-lockdown/

Description: Login LockDown Wordpress plugin records the IP address and timestamp of every failed login attempt. If more than particular number of attempts are detected within a short period of time from the same IP range, then the login function is disabled for all requests. This supports to prevent brute force password discovery.

9) Akismet

Plugin Link: http://wordpress.org/extend/plugins/akismet/

Description: Akismet follows and checks the comments against the Akismet web service to see if they look like spam or not and facilitates you to review the spam it catches under your blog's "Comments" admin screen.

10) TAC – Theme Authenticity Checker

Link: http://wordpress.org/extend/plugins/tac/

Description: The term TAC stands for Theme Authenticity Checker. Currently, TAC searches the source files of every installed Wordpress theme for signs of malicious code. If such code is found, TAC displays the path to the WordPress theme file, the line number, and a small snippet of the suspect code. The real value of this WordPress plugin is that you can quickly find and decide where code cleanup is needed in order to safely enjoy your Wordpress theme.

We hope the above list ofWordPress Plugins will help you to protect your blog 100%.