Best WordPress Security Plugins Free 2023 Are you looking for the best WordPress
Best WordPress Security Plugins Free
security plugins for your WordPress blog and that too for free because when traffic starts coming to our site then we start worrying about the security of our site.
WordPress is a very popular platform and that is why it always remains in the eyes of hackers, it is very easy for hackers to attack our WordPress blog or change files, so we should also pay special attention to the security of our blog. It becomes necessary to take care.
I have seen a lot of new bloggers’ blogs getting hacked, no matter how you recover your site from these hackers, even then it becomes impossible to complete the database and files.
The possibility of hacking our new blog is negligible because its value is also very less, but as soon as we start working on our site and traffic starts coming, then our site starts earning. Security also becomes important for us.
When the value of our site increases in the market, then along with this our site also comes in the eyes of hackers. By the way, along with creating the site, its security should be arranged at the same time, but if you have not yet made arrangements for the security of your site, then by reading this post, you can download the best WordPress security plugins for the security of your site for free. Will be able to use
What is necessary for the security of WordPress Blog?
The security of our WordPress blog starts with the hosting and domain name itself, if you have taken the domain name and hosting from a good company, then half of the security of your site is done by this, the rest half of the security is best wordpress We do it by adding security plugins.
What is the role of Security Plugin?
wordpress security plugins make the security breach being attacked by hackers secure, many times hackers can down your ranking site by putting malware and Malicious code on your WordPress site, and also steal your site’s data Can
You can change the url of your WordPress admin panel by the security plugin, when we create a new WordPress site, its url is wp-admin by default after the domain name, but with the help of these plugins, you can change this url. You can change only this, which makes it more difficult for hackers to hack your site.
We will not give you a list of many plugins here, but in our view, which is the best plugin, which we can call best wordpress security plugins, as well as the full setup of this plugin will also be explained here.
iThemes Security For WordPress
iThemes Security is a WordPress Security Plugin, through this plugin you can secure your site up to 99%. More than one million people have installed this plugin till today 24 January 2021, here we will tell the full setup of this plugin along with installing it.
To install iThemes Security, first login to the WordPress admin panel, then go to the plugin on the left side and click on Add New, and then type iThemes Security in the search box and you will see this plugin as shown in the picture below. (see picture below)
Now you click on install now and after it is installed, click on Activate again, this plugin will be activated as soon as you click on Activate and you will come in the list of plugins.
Now click on the Settings of iThemes
Security Plugin and then click on the secure site button at the bottom of the page with security check, as soon as you click this plugin will check the security of your site, after checking you will see mostly green sign in front of you. There may be one or two yellow signs. (see picture below)
In the picture shown above, two yellow signs are visible, the first request to redirect http to https and the second for activate network brute force protection, so you can activate both of them by clicking on these two buttons, and then in front of you All the signs will become green sign.
Now you click on Close in the bottom left side and close this popup, and as soon as you close that popup, you will see all the settings of iThemes Security Plugin, now after setting each setting here, save To do.
iThemes Security Full Setup
The first setting is of Security check which we have done in the beginning itself, the second setting is global settings, click on configure settings to configure this setting.
After clicking on configure settings, now tick mark by clicking on the small box in front of write to files, and with this tick mark, you are allowing iThemes Security Plugin to configure this plugin in your WordPress site. To edit htaccess files with.
By doing this, if there is any security issue, this plugin will fix those errors by editing htaccess files, as well as if any hackers try to attack your site, then this plugin will logout them.
The rest of the three options below are set by default, you can change them or leave the default setting, now there is an option in the last below authorized hosts list, there is a box in front of it and below that box add my current IP to the authorized hosts list Click on this button.
As soon as you click on the button, the IP address of your computer or mobile will be entered in that box, by doing this this plugin will not block you.
Because many times we enter the wrong password while login WordPress admin panel mail and in such a situation, this plugin may block you, so click on the above button to put your IP address in that box, and then Click above save settings below.
The settings will be saved as soon as you click on save settings and you will come back to the list with settings and now we have to set up the next settings 404 detection.
For this, click on enable below in 404 detection and then click on configure settings, now here some options that we did in global settings will show and whatever settings are set by default below are correct. Our suggestion to you is that without making any changes in it, click on save settings below and save this setting as well.
Now our next setting is Away Mode, for this click on enable, and then click on configure settings, its settings will open as soon as you click.
You can set the time in the Away Mode settings, that is, if you have set the time for 8 hours, then no one will be able to visit your WordPress dashboard for that 8 hours.
For example, you go to sleep at 10 in the night and wake up at 6 in the morning, then you can set this setting from 10 pm to 6 am in the morning, or if you are going out for a week, then set that date You can set here and your WordPress dashboard will remain locked till the date or time you set, till that time no one will be able to visit your WordPress dashboard.
If you want these settings then you can set the time and click on save settings. Now our next setting is banned users and from this name itself we understand that there are some users who have been put in the block list, now we will configure this setting.
To configure the Banned Users setting, click on configure settings, now click on the small box in front of the default bind list and tick it, this will show that HackRepair.com has a list of users that have been marked as spammers. Has gone and if they try to attack your site, then this plugin will block them immediately.
Now leave the rest of the options in Banned Users Settings and save this setting by clicking on save settings below. Now our next setting is database backup and these settings are for backing up the database.
To configure database backup, click on configure settings, and select only email in backup method, this will get your database backup on your email address, now select zero in backup to retain below, then you will get daily backup of database. The backup will be sent over email.
Now below that there is a tick mark in the box by default in front of compress backup files, leave it as it is and save it by clicking on save settings below.
File Change Detection
Enable File Change Detection and then click on configure settings, these settings are because whenever there is any change in your database or files, this plugin notifies you in the form of email.
Even if you make some changes in your own files, iThemes Security Plugin will notify you in the form of email, but if someone else tries to make changes, then you will be able to understand from that email that someone is trying to do something wrong with your site. Done, save this setting by clicking on save settings below.
Local Brute Force Protection
Through Local Brute Force Protection, you can set the limit of login on your site, because there is no limit of login in WordPress, any user can login even thousand times, can try by entering different username and password. Is.
But you can set the login limit through this setting that maximum number of times anyone can login to login to your WordPress admin panel, if it exceeds that limit then iThemes Security Plugin will block it immediately. Will give
In the setting of Local Brute Force Protection, type 5 in max login attempts, type 10 in max login attempts per user, 5 in minutes to remember bad login and tick the last option by clicking on the small box in front of automatically ban Admin user. Give and save it by clicking above save settings.
To configure ssl settings, click on configure settings, and select enable by clicking on the drop down arrow in front of redirect all http page request to https, then save this setting by clicking on save settings below.
Now till here we have completed almost all the necessary settings in the recommended settings but there are some more important settings which are in the Advance section, you go to the top and click on Advance next to recommended.
Now some more settings will appear in front of you, there is a setting in it hide backend, through this setting you can change the URL of your wordpress dashboard. By default the URL of our WordPress dashboard is wp-admin with the domain name.
For example, my domain name is vsblog.in , then the URL of my WordPress dashboard will be vsblog.in/wp-admin, but you can put something else in place of wp-admin through this setting, it will be beneficial that now your site To hack, the hacker will not only have to find the password but will also have to find the URL of the dashboard.
To enable this setting, click on configure settings under Hide Backend, then enable the hide backend feature by clicking on the small box in front of hide backend.
Tick mark above the box, some more options will come below, now you put words and numbers in the box in front of Login Slug, you can put it up to ten, for example z53gli, make a mixed Slug of words and numbers by doing this, with Also note down this slug by writing it in your diary.
Now by default there is a tick mark on the small box in front of enable redirection below, if it is not there, then click on the tick mark and then save it by clicking on save settings below.
After configuring these settings, when you go to login to your WordPress admin panel again, you will have to search again by typing the Slug you created by applying forward plus after typing the domain name above.
For example, I have created a slug here z53gli, then to login to my WordPress admin panel, I will type blogseohelp.com/z53gli in the browser and then search it, then there will be an option to enter the user ID and password of our WordPress admin panel. Then by entering this information, I will be able to login to the dash board.
Keep in mind that in mobile you will have to clear the cookie and history of your browser because when you refresh your WordPress admin panel, the previous slug wp-admin will appear and the error of Not Found will appear.
Now we have configured and setup almost all the necessary settings of iThemes Security Plugin, and by doing this your site is secured to a great extent. And we get this much security for free, if you purchase the premium version of this, then you will get even more options here.
Best WordPress Security Plugins Free
iThemes Security Plugin is one of the best wordpress security plugins, I myself have been using this plugin for many years on almost all my sites.
Make WordPress Password Strong
We have changed the URL of the WordPress dashboard but we have to keep the password strong too. The password should be changed from time to time and it should be made a password of at least 15 to 20 characters.
Make the password you use with the WordPress user ID in such a way that numbers, words, special characters, all these together make a password of at least 15 to 20 words.
For example, you can make a password in this way 1Aa,.#@ Take care of small and big words in words, enter small words and big ones, this makes your password very strong.
WordPress Password Change Process
To change your WordPress password, first login to the WordPress admin panel, then hover over the profile in the top right corner and click on Edit Profile.
Now scroll down and there will be an option in the last Set New Password, click on it, WordPress will automatically generate a strong password for you, if you want to keep it then it’s okay, otherwise delete it and type the password you created here. Do it and then save it by clicking on Update Profile below.
Half of the security of our WordPress site is done by our domain name and hosting only, in the beginning whatever type of hosting we choose, it works, but when our site starts getting bigger and traffic starts coming, then we need a better and bigger website. The company should switch to hosting.
Because when your hosting company is weak, then you will not be able to protect your site from those hackers only with the help of plugin, they will infiltrate your site only through your hosting.
Best WordPress Security Plugins Free
So here we took information about best wordpress security plugins free, we learned to do full setup of this plugin in this post.