Okay in this post I am going to explain 2 must have plugins for your wordpress site. If your website is hosted on wordpress platform, please carefully read this post. It will help you a lot. 100% guaranteed!
The online business owners are continuously investing loads of time to increase the security of their unique website(s). This is absolutely crucial factor for anyone doing business online. If someone’s website is not secure then one’s business is also not secure! After launching a website business owner generally search for SEO Expert or SEO Consultant to grow their online visibility but how many of them actually think to hire a security expert or white hat hacker to maintain the utmost security of their website? I think it’s lower than 1%!
I could ensure you a very significant factor; by enhancing your website stability level, it is very easy to increase your all-round revenue. You will be very stunned to discover that people love to take advantage of organizations that have complete website reliability. If you are running a small business on wordpress platform and can’t afford to hire a website security expert or service then you need to install following plugins and increase your website security. It is possible to shield your own online businesses with these two small but very powerful plugins. One is called IP Filter and other one is called Limit Login Attempts
If you visit these plugins pages then you might notice following note:
This plugin hasn’t been updated in over 2 years. It may no longer be maintained or supported and may have compatibility issues when used with more recent versions of WordPress.
But don’t worry. These two plugin work perfectly in any version of wordpress. I have been using both of these plugins for several years without any update and both are working pretty fine.
So let’s start with Limit Login Attempts plugin. You need to install this plugin. Installation process is pretty simple. You can get the installation instructions here. After the installation, you need to activate this plugin
After that you need to change the settings of this plugin. To do so, please mouse hover to Settings under wordpress admin panel and then click on “Limit Login Attempts“. You will not see following settings as I have manually configured this for my site. Feel free to set your “Limit Login Attempts” configuration just like mine
As you can see, in my limit login attempts settings, there were 125 lockouts since last reset (it’s pretty impressive) but you will not see anything after first time installation. Then you can see, I have set 3 allowed retries, 720 minutes lockout, 2 lockouts increase lockout time to 24 hours, and 24 hours until retries are reset. That means, if anyone tries to login for 3 times but fails then one will be blocked for 12 hours. After 12 hours if that person again tries to login but fails then s/he will be blocked for 24 hours.
Finally make sure you check Log IP and Email to admin after 1 lockouts boxes. This will log the IP and email you the failed attempts notification along with an IP address.
With limit login attempts plugin you can actually control the login attempt but you can’t block those ip addresses. That’s why you need to install IP Filter plugin!
Installing IP Filter plugin is easy, just like limit login attempts. For detail instructions on installation you can visit this page. After the installation, you need to activate this plugin and configure.
Please check on “Deny access to IP addresses in the list“; make sure you don’t include your own ip address in this list. Now you can copy all the ip addresses that you will get in your email from limit login attempts plugin and paste them in the box. Please note, I have concealed the box as I will share all the spammers/hackers IP addresses in my next tutorial.
You can modify the message shown to filtered visitors. I have included “Access Denied” message to filtered visitors AKA hackers! However, you don’t have to do anything with “bypass the filter” box and if you want to log blocked ip addresses then check “log blocked ip addresses” box. When you have tons of logs in your IP Filter, then you can check the “purge the log file” box and it will delete all the history of previous logs.
That’s it. If you have already installed these plugins then you will get to see results within a day or two (if your blog/site is well-known). These plugins will surely make your website more secure. If you need any help in setting these plugins or have any query please feel free to ask through comments.