Top 5 WordPress Plugins to Keep Your Site Secure | Mirsad Hasic | Skillshare

Top 5 WordPress Plugins to Keep Your Site Secure

Mirsad Hasic, Systemintegrator/Teacher

Play Speed
  • 0.5x
  • 1x (Normal)
  • 1.25x
  • 1.5x
  • 2x
6 Lessons (20m)
    • 1. Class Introduction

    • 2. Wordpress Security Plugin One

    • 3. Wordpress Security Plugin Two

    • 4. Wordpress Security Plugin Three

    • 5. Wordpress Security Plugin Four

    • 6. Wordpress Security Plugin Four


About This Class

In this class I am going to show you five essential Wordpress plugins that will enhance the security of your Wordpress site. All of those plugins are free but some of them have a premium version as well.


1. Class Introduction: Hi. In this class, I'm going to cover five security plug ins for war. Press that I consider being crucial in order to protect your site. Those begins are really important. In order to keep the hackers out off your site while ensuring that if something are predicted happens with your site, he will be able to restore all of your files and then have your site up and running in very short time. So if you want to secure site and if you want to be able to recover it fast and if you want to sleep well during the nights, then I suggest you take this class and this color five great plug ins for securing your WordPress site. I just want to emphasize on that All of those begins are free, but some of them have a premium version as well. But this version is not necessary. A tall but off course. If you feel so, then you are free to upgrade to the premium version of cell. But for these class and for securing your site upgrading to this premiere version, it's not necessary. All right. I hope to see you inside this class. See you next 2. Wordpress Security Plugin One: Hi. The first begin that I'm going to cover is the board fence, but I'm going to do next is to basically click on add new and find this begin in the war press Ripper story off the plug ins. I'm gonna just search for Ward fans here. And let's see no Ward fans right there. Tous. So it has five out of five stars, over one million active installs. It was updated two weeks ago and also comfortable the television war press those four perimeters. The ratings that installs the update and comparability is what makes a plug in great. And it is important that you pay attention to those and always check them before installing any kind of plug in. Anyway, I'm gonna just click on install now, and this begins should be installed in just a few seconds. All right, I'm gonna activate it. And he regal, once it is activated, we're going to be able to use it and you can see it on the left. No bore here. So we have several different types off sub models in this plug in. We have the ability to scan. We have the firewall like traffic performance set up blocked eyepiece, passing out the cellphone signing country blocking scan scandal who it's look up, advanced blocking options and the agnostics. Several off those sub models are actually not free. So, for example, the cellphone signing Issa Premium Future very will need to buy the premium version of this beginning in order to be able to use it. However, I don't consider those being necessary in order to create strong security on your WordPress site. In fact, you're just fine with the free version off it. And the first thing I always recommend to do when installing this begin is to actually scan your cipher. So once it is activated, I'm gonna click on scan. And what of orphans is going to do? Just actually scan are all files related to our site that are in our root folder on our Web host and simply check for malicious code whether there are any vulnerabilities, etcetera. So once I click on the start of orphans can it would basically go through all of those files and this can take up to several minutes and in some cases, even hours, depending on how big your site is. So I'm gonna just click. Oh, start of orphans can and leave this to run. So down here at the bottom, right, you can see war France's working. And once it is done, you will see our scan summary here, and it is already creating a summary. You can see that we have remote scan of public facing site only available to pay members. This is not actually crucial. A tall and down here, you can see the scan details activity, and they are basically bunch off different things that you can do be displaying. I'm not going to dig into the details because it is highly advanced said, but really easy to use. And by using this begin, you can simply create a Fort Knox off your site that is going to be completely secure. And you will be able to sleep really well by installing this begin because you will not need to worry about having your site hacked. All right, that's a seat about war fence. I'm going to just pause there, and I'm going to jump onto the next plugging See you next 3. Wordpress Security Plugin Two: Hi. In this lecture, I'm going to cover the ideas Security plug in, and I'm going to start off with searching for this beginning the WordPress repressed stories. I'm gonna just type in the name I deems security and see what happens. Someone to just try to find it. All right, so here, please. So a so you can see it has 4.5 out of five stars, which is great. Over 800,000. Active installs console. Great. Updated two months ago. Well, this is OK, but not a deal. We would like to have it updated at least once per month, and it is also comfortably television off or press. So let's go ahead and install the ideas security. You can see that it is formerly known us better WP security. And let's activate it. So I'm gonna just mention a little bit about what this blinking can do. I'm gonna first located here in the plug ins section. All right, here it is. So let's click on the settings. So what these begin covers is basically several really important factors such as two factor authentication ability to monitor your core files when in changes, it can protect your side from brute force attacks. It has also the ability to log use directions. It can look out users for multiple incorrect er potential attempts and also force Yusof secure password. So here you can actually see that it is asking us to perform a security check. You can read that when we click this button it is going to check for Bannon do Serves and configure the daughter Bisbee Coppola cupboard for protection at her brute force protection , strong password and war pressed weeks. So let's click on secure site and let's see what it comes up it. All right, So the first thing it is asking us east to enter our email address about security updates I'm gonna just type in my email address here and when we clicked Activate network brute force protection. It is going to protect us for any brute force attacks Politically connected eight right And the rest you can see that Bannon user is enabled. Database backups is enable local brute for protection is enabled. Justice we did a few seconds ago. Strong password enforcement is also enabled and war pressed weeks is enabled us. Well, you can run the secure check again, but I'm going to just post there. And basically when this is done, you are done. But it's beginning. So you have configured what you need to do. And you basically can leave these cities. Of course, you can take into it and check the more advanced futures. But those are usually paid, and I don't consider this being necessary. So this was the second problem. Stay tuned. I'm going to cover three more plug ins in order to help secure your WordPress site. Stay tuned. 4. Wordpress Security Plugin Three: All right. So time has come to cover the third plugging in this class, and it is the security security plugging. So I'm gonna just searching for it. Just sided with the two previous begins. Sick. You re d and heat enter. All right, so here this. Security Security. Al De Mulder, scan of the security hardening. You can also see that it has a security website firewall. This fund is optional. I'm gonna just go ahead and install this one and solve this. I'm going to check the ratings for 0.5 out of five. Great to over 200,000 active installs. Also Great. Last up to three months ago. Well, not great. We will prefer it to be updated at least once for amount. But I guess it is OK for now, however, it is untested with our version. War press. So what this means is that this program might not operate us. We would like to most case this depends on that. The developers has not released a new version along with the newest version of WordPress. I'm going to just go ahead and install it anyway. So what's great with this plug in? I'm gonna just activate it is that attracts all the activity on our side. Which means that when someone logs in our our on our site and make changes, those are stored in a log. And in case something unpredicted happens or someone mess around with our files, we can always see who actually did it, because all those changes are going to be stored in block. So you can see here that this program is not activated yet. We need to generate Ah, free a p I key in order table old it logging intact, checking email alerts and other tools. All right, let's do that. Generate I paki. So it is going to send the ski to our email address. I'm gonna just click on perceive. All right, So when that is down, you can see that we have the enabled the plug in, and you can also set on administrator email address in order to receive a letter for war France. I'm going to just kick use my email address and all right, this is fine. So you can do a lot of things with this plug in, and you can, for example, perform Oliver scan. You have the firewall. You have the last Liggins attempts logs, etcetera, etcetera. There is a bunch of things to do, and I will need at least several hours in order to cover the most from the mental ones. I'm gonna leave that up to you and I just want to show you what you can actually do this. Begin. We have the scanner as well, which we can actually force to scan our sides. You see that the last backgrounds can is September 25th 10. 54 AM So this is basically done when the plug in is installed, we can also change the scanning frequency, enable air log files. Let's do that enable and we can also rests at different logs. Anyway, it is up to you to play around with this plug in and see what you can actually do with it and hold it. Actually, featuring is because some off those models that are located in this begin are actually overlapping the models that advocated in the previous begin that we discussed. So I'm going Just leave this up to you in order to the site what fits your needs and your site. But I just want to show you what you can actually do and what is available on the market. Anyway, we have the two more plug ins to cover, so I'm going to just pause there and see you in the next lecture. Stay tuned. 5. Wordpress Security Plugin Four: Hi. In this lecture, I'm going to cover the all in one WP security fire. All this fun off the most popular security begins that you will find in the board press repress story. The reason for this is that it has a clean interface and is easy to use for those who are not actually familiar with Advanced said security settings. What this begin does is that it will protect your site by simply checking the vulnerabilities and also implement the latest methods and security measures for stopping hackers from getting into your site. Anyway, let's try to find this begin. I'm gonna just I've bean WP security and see what happens. All right? That was not the beginning we're looking for. I'm going to just try and firewall. Nope. Let's try without and see what happens. All right, so here these Onley one WP Security and Fire all over 500 ratings did five stores 400,000 active installs last topic two weeks ago and also company bloody television for press. So it has. All of those were able that we are looking for, which usually means that it disagreed begin. So let's go over and install it looking stone now and let's click on Activate. All right, so when the plugging is activated, we can either reach it from left. No bar here or we can go down in the main section off the plug ins and try to find it. So let's see. We can locate it all right, there it is, So let's click on settings. So here we have the general settings, and you can, for example, check this box if you want to enable the bugging, which will give you a lot of different logs. And unless something is wrong with your site, I do not recommend it to do this. So let's just keep it for their We have adult HD access file, and the dot age Texas file is a little bit different because it allows you simply to control, for example, whether you would like to a love a specific listing off a specific directory or a love your vistors to be able to least a specific page, etcetera. WP CONFLICT FILE This is where the magic happens, and this is basically the center off your site so you'll be able to back up your double P conflict, violence in case something on predict happens. For example, you said gets hacked and be able to restore it. Double p version info. It is well known that hackers are looking for this specific, very able when it comes to getting inter site. So you can, for example, a motivate double P generator meet. Enforce it basically disabled. Which version? War press you're running. So legend saves things for there we have the important export and this is elect with Advanced said. You can, for example, to export all off your security formal settings by clicking the button down here and then later, important case. Something unpredicted happens to your site. So all of those subsections basically allows you to edit the different settings which are then contribute toe a total score that you see here so 15 out of 15 which means basically, that you you have a full score for the user accounts. If you go to use it again, you can see that you have zero out of 20. So each box at Duke leak and save. Let's do it. This number is going to increase, and now you have 20 out of 20 and there is a lot off different options to play around. So failure long records here. You can also see, for example, how many times someone has failed to log in for slug out on. In case you would like to enable this future, you were force any user to be logged out after a configuring amount of times. You can set this box and then set the amount of time you will force the user to look out. And so there is a bunch of different options to actually play around it. And what I like with this begin is that it actually tells you haul many points you get for every option that you change. So here you can see that. Actually my session has expired and with that said, I'm going to finish this lesson and jump to do last begin in this class. So this waas about the WP security and fire warp again, which I'm sure we would enjoy once install it on your site. And I really recommend you to do this so state and seeing the next lecture 6. Wordpress Security Plugin Four: Hi. In this lecture, I'm going to talk about the bulletproof begin riches one off. The first begins that I installed on my door pressed sites, and it works really great. It is easy to use, and it offers a lot of different protection model, such as preventing SQL injections protecting you. Cite against verify XY Assess, See, or LF etcetera It also has a lot off useful futures such as easy Singler clicks it up, showing the record off the number that are specific. Lobby attempt has failed monitoring and also putting the infected file into quarantine in case someone is able to inject malicious code into your files. It also can email you alerts for specific actions that taken on your side. For example, someone changes your file, etcetera it It's a really great Pugin, and I really like him and you to take a look at it. So I'm gonna just search for it and a bullet proof. All right, so here this just over 280 ratings and 4.5 out of five stars, 100,000 plus active installs updated two months ago and competently television were press, So let's go over to installing it and constitutes installed. I'm gonna just activate it. So this begin. It's really easy to use and I'm going to just dismiss this because it is not necessary for our propose. I In the first time you install it, you will see the set up visa configuration, so I really recommend it to click on this link, and it'll basically guide you through the plug in and help you set up all the different settings that are available in the plug in. So if you click on set up his Earth, you can see that you can rerun the set of either again at any time. And your existing settings will not be over written and will be received in any additional settings that the set of either finds in your website will be saved in this set up for a great So let's see set up and constantly conducted, basically has completed the set up. It basically checks the pre installation checks. So here you have the set up dessert options as well, and you can basically enabling disabled things that this again is going to look for And there is HD access file with basically can control. Whether we want to a lot of users to see specific files. Orly specific directories. You can also enable disabled a double P hyphen at mean on page. You can do the C five Donald Fix, which is turn it off for the fault. And we have other things such US network, multi side site, wide logging, security settings. So, for example, we can also do the daughter based backup with this pregnancy. Quickly, candy back up. You will see that you can actually take out the cup off your sides so you can you quickly come back up. Files don't load. Also create backup job so we can create backup jobs. And here we can set up and the tables you would like to back up and bunch of different other things. So we have a log as well, and in this law, you can basically set up where to send email, or it's when to send log in security email elect, for example, when a user is look it out on the administrator Log scene. Ondo State Look scene and the user accounts look a doubt, etcetera. So there is a bunch of different options to play around with and justice in the other plug ins. I encourage you to dig deeper into it and really see how it fits your side. Because some settings are might not be relevant to your son about most off the default ones are, and I recommend you to keep the default wants and then see how you can customize it a little bit more in order to feed your sights. Needs. So that was it for this lecture. Thank you for joining this class.