Scans your WordPress installation for security vulnerabilities and suggests corrective actions.
Secure WordPress beefs up the security of your WordPress installation by removing error information on login pages, adds index.html to plugin directories, hides the WordPress version and much more.
AntiVirus for WordPress is a smart and effective solution to protect your blog against exploits and spam injections.
This plugin doesn’t control WordPress or mess with your database, instead it utilizes fast, tried-and-true built-in Security features to add multiple layers of security to your blog. This plugin is specifically designed and regularly updated specifically to stop automated and unskilled attackers attempts to exploit vulnerabilities on your blog resulting in a hacked site.
Akismet filters out your comment and track-back spam for you, so you can focus on more important things.
Protects your blog from spam by replacing the comment field. It’s easy to use and extremely effective. Really!
9. Stealth Login
This plugin allows you to create custom URLs for logging in, logging out, administration and registering for your WordPress blog. Instead of advertising your login url on your homepage, you can create a url of your choice that can be easier to remember than wp-login.php, for example you could set your login url to http://www.myblog.com/login for an easy way to login to your website.
Whenever you try to login into your website, you can use this plugin to trasmit your password encrypted. The encryption process is done by the Chap protocol; this is particularly useful when you can’t use ssl or other kinds of secure protocols.
Login LockDown records the IP address and timestamp of every failed login attempt. If more than a certain number of attempts are detected within a short period of time from the same IP range, then the login function is disabled for all requests from that range. This helps to prevent brute force password discovery. Currently the plugin defaults to a 1 hour lock out of an IP block after 3 failed login attempts within 5 minutes. This can be modified via the Options panel. Admisitrators can release locked out IP ranges manually from the panel.
This plugin creates SQL dumps of your wordpress database. It is based on the WordPress Database Backup plugin(http://www.ilfilosofo.com/blog/wp-db-backup) – but it removes some of the security restrictions in the plugin to enable automated remote backups. You still need the admin user name and password to do a remote backup.
BackUpWordPress will back up your entire site including your database and all your files once every day. It has several advanced options for power users.
Simple WordPress Backup allows you to back up your WordPress Database with just one click!
Backup, restore, migrate your WP installation, both code and MySQL tables, with a single click. Screen shots
Integrates reCAPTCHA anti-spam methods with WordPress including comment, registration, and email spam protection. WPMU Compatible.
WP-Members is a plugin to make your WordPress blog a membership driven site. Perfect for newsletters, private blogs, premium content sites, and more! The plugin restricts selected WP content to be viewable by registered site members. Unlike other registration plugins and WordPress itself, it puts the registration process inline with your content (and thus your branded theme) instead of the native WP login page.
Allows admins to create user groups and set access restrictions for any post, page or section.
This plugin allows you to upload and download files from outside of your web document root for security purposes. It can be used to can restrict file downloads to users that are logged in, or have a certain user level.
WP Email Guard protects your email addresses included on any post or page from being crawled by spammers.
This plugin searches the files on your website, and the posts and comments tables of your database for anything suspicious. It also examines your list of active plugins for unusual file names. It does not remove anything. That is left to the user to do.
WordPress website security protection. BulletProof Security protects your website from XSS, CSRF, Base64 and SQL Injection hacking attempts.
Protect your WordPress site against right clicks, text selection, and image dragging.
Monitor files under your WP installation for changes. When a change occurs, be notified via email. This plugin is a fork of WordPress File Monitor.