Almost every day on Twitter I see tweets about the best WordPress plugins and almost all of them never mention essential backup and security plugins.
I read a lot of technology security news every day and there has been a marked rise in the number of web site hacks, abuses, denial of service attacks that circle around WordPress sites. WordPress, like Microsoft, Apple, Google and other popular technologies, is a real target now.
Anyone who claims to be listing the best WordPress plugins and neglects to mention security plugins is living in la la land.
My first essential plugin is a backup plugin. I use BackupBuddy from iThemes Security. It now costs $80 for one web site (gets cheaper if you have more web sites). Always backup your web site before updating it. And after you update your web site.
Second get a security plugin. Top two are iThemes Security Pro and Wordfence. iThemes is a little more user friendly but costs $80. Wordfence comes in a very respectable free version and a paid pro version $39 per year per web site but is a little technical for your average business owner. I like that Wordfence notifies me every time there is an update for my web site plugins. Out of date plugins can be a security problem. And it can notify you every time someone logs in or attempts to log in to your web site.
For heavy duty protection against malware and web site defacement, you want Sucuri. Sucuri cleans up infected or hacked web sites as well as protecting them. It costs $7.49 per month for one web site. Think of it as antivirus software for your web site. I know it’s not exactly a plugin but still worth getting.
Like with a computer, doesn’t matter how up to date your software is, if your operating system is unpatched and out of date, you are at risk. Remember to update your WordPress installation too.