It is no secret that WordPress sites have been under attack for the last few weeks and I hope you are not one of the victims.
In response to this new threat, I installed Wordfence on every site I manage. Maybe I was just blissfully ignorant before, but this new tool has found me watching “real time” as attacks come in. I have allowed myself on occasion to become actually rather bothered about the targeted randomness of this activity.
This is a must-have plugin, if for nothing else than to lock out people trying to login under your hopefully non-existent username “admin”.
Along with Wordfence, I would suggest that you have a nice backup plugin and that it is scheduled to run regularly. (Barring that, please backup regularly from your C-panel.) I personally use Online Backup for WordPress. I confess that I have never set up the online locker. Though included and possibly useful, I have been happy with backing up and downloading or having emailed the zip file to my own computer for safe-keeping.
Another must-have is Akismet. This handy little plugin requires that you obtain a key to make it work. It is well worth the hassle. After that, with a minimum of attention, you will save yourself much time sifting through innocuous comments.
The problem with sifting through innocuous comments is that many seemingly nice comments of the type —
“I compliment you for this great writing. Your content is amazing. I have searched the web for this information and now I am bookmarking your site to follow and six grinder pins before Tuesday. Yours sincerely, Ima Hacker”
— seem to me to be casting for that first comment approval. Then if your settings are in the normal (not paranoid) configuration you will open the door for anything & everything coming from this person. (Most WordPress blogs are set to accept comments from anyone who already has an approved comment.)
I also run WordPress Hash-cash Extended along with Akismet together filtering 99% of all spam. I used to be fascinated by spam. We were small. Times were slow. Who were these people who graced us with their Louie Vuitton handbag websites? Since then, I have learned to take a more pragmatic approach to spam and delete it as soon as I can identify it. These last two plugins do a super job helping me undo the spam stress.
Essential WordPress Plugins
These plugins are the biggies that I use every day. Beyond that, you might want an editor, SEO plugin, broken link checker or any number of other functions. The sky’s the limit at that point. Once you have taken care of back-ups, spam, and website attacks, you are pretty much home free to adapt your blog to your needs, while resting in the knowledge that your site will not fall total victim to cyberspace rambunctiousness.
Image credit: pixelsaway / 123RF Stock Photo