Many plugins/themes and even outdated versions of WordPress may contain security vulnerabilities in their own code, which can allow malicious code to be injected into WordPress files. You can significantly increase your WordPress security by installing certain security plugins available in the WordPress plugin repository. The plugins we recommend installing are Wordfence and Akismet.
Before proceeding with the installation of both plugins, here is a brief summary of what each one does so you can decide which one to use depending on your needs:
- Wordfence: Wordfence is a WordPress plugin that includes a Web Application Firewall (WAF), which blocks most of the threats your site is constantly exposed to, such as malicious web requests or code injection through backdoors that were left open by accident or because of missing updates. It also includes other essential security measures to protect your website.
- Akismet: Akismet is an anti-spam plugin. It is mainly used to filter comments received on your blog, although it can also integrate with the popular contact form plugin Contact Form 7, one of the most widely used plugins for web forms.
How to install Wordfence from the WordPress administrator
First of all, access your WordPress dashboard, go to "Plugins" and click on "Add New":
Next, in the search bar type "Wordfence" and click on "Install Now":
Once installed, activate it:
The plugin setup screen will open automatically. Enter the email address where you want to receive security alerts. Accept the terms and click on "Continue".
Next, you will be asked whether you have a premium license. If you do, enter the license key. Otherwise, click "No thanks".
Finally, the Wordfence dashboard will open. From here, you can configure and manage the plugin, run scans, review attack history, and more.
How to install Akismet from the WordPress administrator
First, access your WordPress dashboard, go to "Plugins" and click on "Add New":
Next, in the search bar type "Akismet" and click "Install Now":
Once installed, activate it:
The Akismet setup screen will open automatically. Click on "Set up your Akismet account":
You will be redirected to the official Akismet website to select the plan you want. There are several business plans available, but for personal use there is a completely free plan with fewer features. For this guide, we will use the "Personal" plan:
You will then be asked to enter your registration details. Since we selected the "Personal" plan, you must confirm that the website is not for commercial use. Click "Continue with personal subscription" to proceed.
A verification code will be sent to the email address you provided. Enter the code to proceed:
If the code is entered correctly, Akismet will confirm activation and send your API key again by email so you can activate it from your hosting account:
Follow the instructions on that page or go directly to the plugin settings. Once you enter the API key, you can begin configuration:
After entering the API key, Akismet will start working and redirect you to its settings page, which includes the following options:
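To confirm from the command line that both plugins installed in this guide are active, and that no installed plugin is waiting on an update, the following added example (not part of the original guide) audits the CSV printed by WP-CLI's `wp plugin list --fields=name,status,update --format=csv`. It assumes WP-CLI is available on the server; the function names and the sample CSV are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original guide.
# Audits the output of:
#   wp plugin list --fields=name,status,update --format=csv
# Plugin slugs this guide installs (assumed to match the repository slugs).
REQUIRED_PLUGINS="wordfence akismet"

# audit_plugins: reads the CSV on stdin and prints one finding per line.
# Returns 0 when nothing is wrong, 1 when at least one finding was printed.
audit_plugins() {
    awk -F, -v required="$REQUIRED_PLUGINS" '
        NR == 1 { next }                          # skip the CSV header
        {
            gsub(/\r/, "")                        # tolerate CRLF line endings
            names[++count] = $1
            status[$1] = $2
            update[$1] = $3
        }
        END {
            n = split(required, req, " ")
            for (i = 1; i <= n; i++) {
                p = req[i]
                if (!(p in status))               { print "MISSING " p;  bad = 1 }
                else if (status[p] !~ /^active/)  { print "INACTIVE " p; bad = 1 }
            }
            # Any plugin with a pending update is flagged, not only the two above.
            for (i = 1; i <= count; i++)
                if (update[names[i]] == "available") { print "OUTDATED " names[i]; bad = 1 }
            exit bad + 0
        }'
}

# Constructed sample output (not taken from a real site).
sample_csv() {
    cat <<'EOF'
name,status,update
wordfence,active,none
akismet,inactive,none
contact-form-7,active,available
EOF
}

# Demonstration on the constructed sample; on a real site, run instead:
#   wp plugin list --fields=name,status,update --format=csv | audit_plugins
sample_csv | audit_plugins || true
```

A non-zero return from `audit_plugins` makes it usable in a cron job or deployment check that should fail when a security plugin has been deactivated or an update is pending.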