可以认为,在CMS上运行的网站的比例要比从头开始构建的定制设计网站高。 可以理解,使用WordPress的用户数量比其他任何CMS都要多,因此,为您的站点增强安全措施至关重要。 由于使用WordPress作为平台的大量用户,越来越多的黑客和欺诈者试图破坏此类网站的安全性。 在大多数情况下,由于文件和/或插件过时,在WordPress上运行的网站会受到损害。 相关脚本的这种过时的版本使欺诈者轻松享用。
So what measures should an individual adopt to keep a WordPress installation safe and secure from being compromised ? Primarily, it is crucial to have a latest version of WordPress. In-addition, there are couple of useful WordPress plug-ins that can help you safeguard your website hosted on an affordable web hosting server.
那么,个人应该采取什么措施来确保WordPress安装的安全和受到保护? 首先,拥有WordPress的最新版本至关重要。 此外,还有几个有用的WordPress插件可以帮助您保护托管在负担得起的Web托管服务器上的网站。
Top List of WordPress Plugins For Enhanced Security BulletProof Security Average Rating : 4.5 || Total Downloads : 143,241
WordPress插件列表,用于增强安全性BulletProof安全性平均评分:4.5 || 下载总次数:143,241
This plugin in particular has been considered to be one of the reliable security plug-ins for WordPress. It helps in protecting a WordPress based site against XSS, RFI, CRLF, CSRF, Base64, Code Injection and SQL Injection hacking attempts. Moreover, it offers a single click .htaccess WordPress security protection. The files that are protected with this plugin are wp-config.php, bb-config.php, php.ini, php5.ini, install.php and readme.html with .htaccess security protection. Moreover, it holds the capability to check DB errors off, file and folder permissions check.
特别是,该插件被认为是WordPress的可靠安全插件之一。 它有助于保护基于WordPress的站点免受XSS,RFI,CRLF,CSRF,Base64,代码注入和SQL注入黑客的攻击。 此外,它提供了单击.htaccess WordPress的安全保护。 受此插件保护的文件是wp-config.php,bb-config.php,php.ini,php5.ini,install.php和readme.html,具有.htaccess安全保护。 此外,它还具有检查数据库错误,检查文件和文件夹权限的功能。
6Scan Security Average Rating : 4 || Total Downloads : 3,844
6Scan安全性平均评分:4 || 下载总次数:3,844
The plugin is claimed to offer protection against the SQL Injection, Cross-Site Scripting (XSS), Directory traversals, Remote file inclusion, including the one’s listed in OWASP Top Ten security vulnerabilities. It has been developed in a way that there is no adverse effect on the site’s performance.
该插件据称可提供针对SQL注入,跨站点脚本(XSS),目录遍历,远程文件包含(包括OWASP十大安全漏洞中列出的内容)的保护。 它的开发方式对站点的性能没有不利影响。
Ultimate Security Checker Average Rating : 4 || Total Downloads : 35,851
最终安全检查人员平均评分:4 || 下载总次数:35,851
This too similar to couple of other plugins seems to be quite appreciated by users. It a common scenario where a hacker manages to get access to the WordPress installations and delete the data it contains. The Ultimate Security Checker is capable of identifying security issues on your site. It scans the installation for known vulnerabilities and grades it accordingly. It suggests the vulnerabilities which you may either fix on your own or do it automatically.
这与其他几个插件太相似了,似乎受到用户的赞赏。 这是一种常见的情况,黑客可以设法访问WordPress安装并删除其中包含的数据。 Ultimate Security Checker能够识别您站点上的安全问题。 它会扫描安装中的已知漏洞并对其进行相应的评级。 它建议您可以自行修复或自动修复的漏洞。
WordPress Hosting – Cheap Hosting UK
WordPress托管–英国廉价托管
Better WP Security Average Rating : 4 || Total Downloads : 41,417
更好的WP安全性平均评分:4 || 下载总次数:41,417
The plugin ensures that multiple security holes are patched without the need to bother about conflicting features. It comes with a built-in feature that bans troublesome bots, switches off the ability to login for a given time period, bans the users trying to login too many times with incorrect information and more importantly it enforces strong passwords for all accounts.
该插件可确保修补多个安全漏洞,而无需担心功能冲突。 它具有内置功能,可禁止出现问题的漫游器,关闭给定时间段内的登录功能,禁止用户尝试使用错误信息登录过多次,更重要的是,它对所有帐户强制使用强密码。
WP Plugin Security Check Average Rating : 5 || Total Downloads : 4,168
WP插件安全检查平均评分:5 || 下载总次数:4,168
It may at-times happen that due to an outdated security plugin a hacker manages to breach in, this plugin searches for plugins for bad practices and possible security holes limiting the risk of a compromised website.
有时可能由于黑客设法破解了一个过时的安全性插件,该插件会搜索插件的不良做法以及可能存在的安全漏洞,从而限制了网站遭到破坏的风险。
Secure WordPress Average Rating : 4 || Total Downloads : 611,889
安全WordPress平均评分:4 || 下载总次数:611,889
This plugin removes the error information on login pages, adds index.html to plugin directories, hides the WordPress version (except from the admin area) hides the plugin-update information for non-admins, it blocks any bad queries that pose harm to your WordPress installation.
此插件删除登录页面上的错误信息,将index.html添加到插件目录,隐藏WordPress版本(管理员区域除外),隐藏非管理员的插件更新信息,它阻止对您造成危害的任何错误查询WordPress安装。
WP DB Backup Average Rating : 4 || Total Downloads : 1,238,595
WP DB备份平均评分:4 || 下载总次数:1,238,595
We all are aware about the importance of website backup, this plugin allow users backup the core WordPress database tables with minimum clicks. Looking at the number of downloads one can imagine its popularity amongst webmasters.
我们都知道网站备份的重要性,该插件允许用户以最少的点击次数备份WordPress核心数据库表。 查看下载数量可以想象它在网站管理员中的流行。
WP-DB Manager Average Rating : 4 || Total Downloads : 601,825
WP-DB经理平均评分:4 || 下载总次数:601,825
This plugin would enable users to manage the database effectively. Optimization, repair, backup, restore database, delete backup database ,etc. can be carried out with enough simplicity. Moreover, webmasters may even automate the processes of back-up, optimization and repairing of database.
该插件将使用户能够有效地管理数据库。 优化,修复,备份,还原数据库,删除备份数据库等。 可以足够简单地进行。 而且,网站管理员甚至可以自动执行数据库的备份,优化和修复过程。
WP Security Scan Average Rating : 3 || Total Downloads : 897,847
WP安全扫描平均评分:3 || 下载总次数:897,847
This plugin in particular scans your WordPress powered website for vulnerabilities and offers corrective measures for various parts such as Passwords, File permissions, Database security, Version hiding, WordPress admin protection/security and Removes WP Generator META tag from core code
该插件特别扫描了您的WordPress支持的网站是否存在漏洞,并针对各个部分(例如密码,文件权限,数据库安全性,版本隐藏,WordPress管理员保护/安全性)提供了纠正措施,并从核心代码中删除了WP Generator META标签
Login Lockdown Average Rating : 4.5 || Total Downloads : 135,907
登录锁定平均评分:4.5 || 下载总次数:135,907
This plugin restricts a user from too many failed login attempts, it makes a note of IP address and time-stamp of every failed login attempt. If a user tries to access the website thrice using incorrect login details within 5 minutes, the login function gets disabled for all the IP’s within that range. This helps in preventing the hackers from trying different combinations of login credentials to gain access to your website.
该插件可以限制用户进行过多的失败登录尝试,并记录每次失败登录尝试的IP地址和时间戳。 如果用户尝试在5分钟内使用错误的登录详细信息三次访问该网站,则该范围内所有IP的登录功能都会被禁用。 这有助于防止黑客尝试使用不同的登录凭据组合来访问您的网站。
User Locker Average Rating : 5 || Total Downloads : 33,695
用户储物柜平均评分:5 || 下载总次数:33,695
This is one of the alternatives to the plugin ‘Login Lockdown’ which helps in preventing any unauthorized access to your website. Its works on the same logic helps restrict fraudsters from gaining unauthorized entry to your website.
这是“登录锁定”插件的替代方法之一,可帮助防止未经授权访问您的网站。 其工作原理相同,有助于限制欺诈者获得未经授权进入您的网站。
Limit Login Attempts Average Rating : 5 || Total Downloads : 107,935
限制登录尝试的平均评分:5 || 下载总次数:107,935
It is a fully customizable plugin that restricts users from attempting multiple failed logins into the WordPress admin console. This is again an alternative to the above two plugins.
这是一个完全可自定义的插件,可限制用户尝试多次登录WordPress管理控制台失败。 这也是上述两个插件的替代方案。
Login Encrypt Average Rating : 4 || Total Downloads : 3,221
登录加密平均评分:4 || 下载总次数:3,221
Login Encrypt is a security plugin that uses a a complex combination of DES and RSA for encrypting and securing the login process to the admin panel. It was developed with an intention of using for securing the login to the web hosting control panel and was later released for WordPress.
Login Encrypt是一个安全插件,它使用DES和RSA的复杂组合来加密和保护登录到管理面板的过程。 开发它的目的是为了保护登录到虚拟主机控制面板的安全,后来针对WordPress发布。
One Time Password Average Rating : 4.5 || Total Downloads : 7,531
一次性密码平均评分:4.5 || 下载总次数:7,531
This is one of a kind WordPress plugin that generates a unique one-time password for each login. This helps you keep the unauthorized users away from accessing the admin areas of your site. The OTP (One Time Password) expires upon usage, sent via, email to the registered email address every time you want to access the WP-admin area.
这是一种WordPress插件,可以为每次登录生成唯一的一次性密码。 这可以帮助您防止未经授权的用户访问您网站的管理区域。 每次您要访问WP-admin区域时,OTP(一次性密码)都会在使用时到期,并通过电子邮件发送到注册的电子邮件地址。
Fast Secure Contact Form Average Rating : 4.5 || Total Downloads : 2,125,581
快速安全联系表平均评分:4.5 || 下载总次数:2,125,581
The Fast Secure Contact Form plugin enables webmasters with creating and adding contact forms to their WordPress installations. Requester can send emails to a site’s admin, moreover they even get a scope to fix meeting requests via. a simple form. The administration of the site can create and preview multiple number of forms. The site admins can also set availability and synchronize the contact form with Google calendar enabling them to effectively manage the appointments. It supports Akismet anti spam protection hence making it a spam free plugin. The messages received by the administrator contains blog username, Date/Time timestamp, IP address of the sender, making it simpler to categorize and know more about the sender.
快速安全联系表格插件使网站管理员可以创建联系表格并将其添加到WordPress安装中。 请求者可以将电子邮件发送给站点的管理员,此外,他们甚至可以通过它来解决会议请求。 一个简单的形式。 该站点的管理可以创建和预览多个表格。 网站管理员还可以设置可用性并将联系人表单与Google日历同步,从而使他们可以有效地管理约会。 它支持Akismet反垃圾邮件防护,因此使其成为无垃圾邮件插件。 管理员收到的消息包含博客用户名,日期/时间时间戳,发件人的IP地址,这使得分类和了解发件人更加容易。
I hope you found this article useful. We’ll keep updating our blog with the latest and useful plugins which may help you have a great experience with using your WordPress installation.
希望本文对您有所帮助。 我们将使用最新和有用的插件来不断更新博客,这可能会帮助您在使用WordPress安装方面获得丰富的经验。
–
–
Like this post ?
喜欢这个职位吗?
Share on your Social Networking Profile ( Facebook, Twitter & Google+ ) and get a flat 10% Recurring discount on our VPS Hosting and Dedicated Servers.
在您的社交网络配置文件(Facebook,Twitter和Google+)上共享,并在我们的VPS托管和专用服务器上获得10%的固定定期折扣。
Email us the shared link at : [email protected] or speak to our live chat operator now, by clicking on the “Live Chat” Scroller on the left-hand side of this page and we will provide you with the discount Coupon right away!
通过以下电子邮件将共享链接发送给我们: [受电子邮件保护],或通过单击此页面左侧的“实时聊天”滚动条立即与我们的实时聊天操作员联系,我们将立即为您提供折扣优惠券!
翻译自: https://www.eukhost.com/blog/webhosting/a-list-of-top-wordpress-security-plugins/
439
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
