One of the most common tasks our Valiant Support team do for our customers is help ensure their WordPress website is properly secured. There are many WordPress security plugins that can help with this task, but the options can be overwhelming. When it comes to finding the ideal security plugin for your WordPress site, we strongly recommend finding one that suits your needs and maintaining it properly. To help you narrow down your options, the following security plugins have been recommended by the NTSPL Web Security Team. These plugins are ranked highly, used widely across the industry, and will help secure your site against potential attacks.


1. WordFence

WordFence will perform a deep scan on all of your source code files, themes, and plugins to verify their integrity and security. In addition, this plugin offers firewalls, virus scanning, a new caching engine, post & comment scanning, and file scanning. A unique feature of this plugin is the real-time map on the WordFence homepage that tracks attacks on WordPress sites. This map is used as a crowd-sourced approach to blocking attacks. If one site using the plugin is attacked, the attacker is then blocked by all other sites using the plugin, allowing your site to be even more protected.


  • Free
  • Caching Engine Speeds Up Site
  • Crowd-Sourced Blocking
  • File Verification Against Repository

2. iThemes Security

Formerly known as Better WP Security, this plugin prevents a number of different common attacks through strengthened user credentials, site & database monitoring, locking out users with multiple invalid login attempts, changing the admin login path and username, and limiting the number of times users can access the site (brute force protection). Not to mention, this plugin backs up database files prior to securing your site. It’s easy-to-use, quick start installation makes this plugin ideal for site security.


  • Easy to Use
  • In-Depth Tutorials
  • Obscures Vulnerable Default Configurations
  • Free and Pro Versions

3. BulletProof Security

Well known for its ability to secure and monitor logins, as well as prevent SQL injection attacks, BulletProof Security uses .htaccess files to secure the entire WordPress installation. In addition, it protects against RFI, CSRF, XSS, and Base64 attacks. This plugin also features verbose logging capabilities, which are handy for troubleshooting by NTSPL team. The available maintenance mode, backup and restoration of .htaccess files, login security, firewalls, and strengthened access privileges all make this plugin a great option to secure your site.


  • Performance Optimization
  • Logging
  • Easy Security via .htaccess Files
  • Free and Pro Versions

The importance of maintaining a secure website cannot be overstated. WordPress sites are often a target for attackers and therefore extra caution should be taken with your security. While plugins and other WordPress features are not covered under our fully managed Valiant Support , our team will provide Best Effort support to help you in any way possible.