57 security wordpress plugins

We all agree that WordPress has become a prime target for hackers
having a secure wordpress blog should be our first goal to have a good blog.
so i collect 57 security wordpress plugins to get secure blog.

1-Shockingly Big IE6 Warning

A shockingly BIG or SMALL warning popup with customizable message about the dangers of using IE6. And now an option to crash IE6.

2-Web Tripwire

Detects in-flight modifications to the HTML, then notifies users, and weblog administrators.

3-WP-SpamFree Anti-Spam

Powerful anti-spam plugin that eliminates blog comment spam. Finally, you can enjoy a spam-free WordPress blog! Includes contact form.


Enhanced Login Security for Your WordPress blog.


This plugin protects your registration, login and comment forms against spambots with a simple math question.

6-Invisible Defender

This plugin protects your registration, login and comment forms against spambots.

7-GD Press Tools

GD Press Tools is a collection of various administration and security related tools that can help with everyday blog tasks.

8-User Locker

This plugin locks user account after given number of incorrect login attempts. This makes brute force and dictionary attacks nearly impossible.


To protect your Blog from automated spambots, which fill you comments with junk, this plugin adds additional formfields to your comment template, whic


Displays a virtual, on-screen keyboard to enter the wordpress password in a safer way, for example in internet caf├ęs.

11-Secure WordPress

Secure your WordPress Installation with small functions.

12-WordPress File Monitor

Monitor files under your WordPress installation for changes. When a change occurs, be notified via email.

13-HTML Purified

HTML Purified replaces the default comments filters with the more secure HTML Purifier.

14-Chap Secure Login

Do not show password, during login, on an insecure channel (without SSL)

15-Limit Login Attempts

Limit rate of login attempts, including by way of cookies, for each IP.


wp-dephorm protects your users from the prying eyes of phorm

17-Safe Signup Form

Safe Signup Form is a WordPress Plugin that will forward a form submission to an email address, while preventing most automated attacks.


Profiless is a plugin that removes access to the profile page for the subscriber level user.

19-Simple CAPTCHA

A CAPTCHA for your comment system to prevent unwanted spams. Prevent automated spams by bots and most important naughty peoples.


This plugin allows you to clean up your wordpress database and optimize it without phpMyAdmin. Also renames any username.

21-Semisecure Login Reimagined

“Re-imagined” version of Semisecure Login that uses RSA public key encryption to encrypt passwords when logging in.


This plugin provides Enigform Secure Login support for WordPress. Works in similar way to HTTP Authentication by dwc.

23-WP Security Scan

Scans your WordPress installation for security vulnerabilities.

24-WP Sentry

WP Sentry allows WordPress authors to grant access to individual private posts to users and groups of users.

25-CaPa Protect

Protects Categories, Pages and Posts for specific users & anonymous visitor


Security and sanity in file names while uploading.

27-PJW Mime Config

Allows you to extend the list of mime-types supported by the builtin uploader.

28-Login LockDown

Limits the number of login attempts from a given IP range within a certain time period.

29-TTC WordPress Security Tool

This plugin blocks scrapers, cross-site scripting attempts, and other ill behaved bots. This is the second of three security plugins.

30-Admin SSL

Secures any WordPress URL using Private or Shared SSL.


Adds two-factor security to the WordPress login system.


yaCAPTCHA is a CAPTCHA plugin for WordPress that helps you block comment spam from automated bots.

33-Whisper Comment

Whisper Comment is a WordPress plugin for commenters to control comment visibility for other viewers.

34-Yawasp – Yet Another WordPress Anti Spam Plugin

To block Spambots this Plugin replaces the names of the default comment form fields with random names.

35-Ze’s Admin Update Notification

Send email to all administrators when update (WordPress or plugins) are available.

36-Restrict Login By IP

Lets you specify IP addresses or hosts that users are allowed to login from.

37-Project Honey Pot Http:BL

Project Honey Pot Http:BL allows you to verify IP addresses of clients connecting to your blog against the Project Honey Pot database.


Checks wordress installation (database and files) for changes and emails admin if any changes took place.

39-AskApache Password Protect

This plugin Adds Crazy Additional Password Protection and Security to your blog.

40-Search and Replace

A simple search for find strings in your database and replace the string.

41-TAC (Theme Authenticity Checker)

*Scan all of your theme files for potentially malicious or unwanted code.*


Client-side javascript blocks all spam bots. XHTML 1.1 compliant.

43-Safer Cookies

Ties the WP session cookie to your IP address so that it can’t be used to get access to you blog from another computer.

44-WordPress Tweaks

A must-have plugin that adds many useful settings pertaining to comments, posts, SEO, security, the administration back-end, and more.

45-TTC WordPress Tripwire Tool

This plugin acts as a tripwire for you. It will give you a list of all files changed on your WordPress site in the last 1-99 days.

46-Wp UCanHide

A very useful and simple plug-in that allows you to hide a part of a post for people who are not logged on your site.

47-wp-config.php SECRET_KEY edit

Add/Change SECRET_KEY in wp-config.php for WP 2.5.x installs

48-Semisecure Login for WordPress 2.5

Semisecure Login increases the security of the login process using client-side MD5 encryption on the password when a user logs in.


Instantly requires that users be logged in to visit your site. Also serves as a good base for expansion. No interface, just activate and go! Requires

50-Replace WP-Version

Replace the WP-version with a random string < WP 2.4/5 and eliminate WP-version > WP 2.4/5


Prevent possible attacks on your wordpress blog.


The plugin DigoWatchWP scans your blog posts and pages for changes.




Displays a security alert when visiting the site with an Internet Explorer browser.

55-Tinfoil Hat

Tinfoil Hat provides extra privacy configuration for your blog.

56-Semisecure Login

Semisecure Login increases the security of the login process using client-side MD5 encryption on the password when a user logs in.


openWallet is a login system for websites, which replaces user names and passwords with digital keys and a password.


Skyje is a Blog for Web Designers and Web Developers featuring Social Networking news and everything that Web 2.0. You can Subscribe to Skyje feed.

You may also like...

3 Responses

  1. Barry says:

    You could have provided some “love” for the developers of the plugins you listed and at least linked to their sites (or the plugin pages on their sites).

    But other than that, nice list :)

  2. yscan says:

    best yahoo invisible detector :- http://yscan.info

  3. yscan says:

    best yahoo invisible detector :- http://yscan.info

Leave a Reply