There are more than 75 million websites that currently use the Wordpress platform. This enormous penetration has led to both good and bad news for Wordpress users.
The bad: hacking attempts and malicious attacks on Wordpress sites have been on the rise.
The good: amongst 75+ million Wordpress users, there have been at least one or two developers who’ve created great plugins to increase site security, protect against attacks, and add some cool functionality to your sites.
Below are 5 Free Wordpress plugins that we absolutely love and recommend all of our Wordpress clients use.
NinjaFirewall - Free, https://wordpress.org/plugins/ninjafirewall/
NinjaFirewall is installed like a normal Wordpress plugin, but it actually inserts code into your .htaccess file (your web server’s configuration file) and acts as a standalone firewall in front of your WP site. NinjaFirewall provides protection against file inclusions, SQL injections, and many other malicious attacks that are common amongst WP sites. NinjaFirewall also offers advanced features that you can configure on your own, as well as a handy reporting dashboard (pictured below) to give you an overview of your site’s health.
Stop XML-RPC Attack - Free, https://wordpress.org/plugins/stop-xmlrpc-attack/
One of the most common brute force attacks against Wordpress is against the xmlrpc.php file. There are plenty of plugins that will allow you to disable the xmlrpc.php file; however, disabling it may render other plugins that you have useless, since that is the file that plugins use to communicate with your Wordpress site. Instead, the Stop XML-RPC Attack plugin identifies and blocks IP addresses that initiate malicious attacks.
Jetpack by Wordpress.com - Free, https://wordpress.org/plugins/jetpack/
For most WP site owners, the Jetpack plugin is considered a must-have. It provides detailed traffic and site activity statistics, protects against brute force attacks, offers the option to use Wordpress.com’s CDN, which greatly enhances site speed, and many other features. It even allows you to enable an auto-update functionality for commonly used plugins that you have on your site.
Delete Comments By Status - Free, https://wordpress.org/plugins/delete-comments-by-status/
One of the most annoying things about hosting a Wordpress site or blog is the barrage of spam comments that constantly flow in. Deleting these comments one-by-one can be a tedious, time-intensive process, but fortunately, Delete Comments By Status gives you a one-click option to remove comments in bulk.
W3 Total Cache - Free, https://wordpress.org/plugins/w3-total-cache/
For larger site with higher traffic, performance and load times are critical. Wordpress is a great platform, but when it involves lots of moving pieces, site speed can take a serious hit. W3 Total Cache creates server-side caches of your website, which allows for up to 10x speed improvements when the plugin is fully configured. Plus, it offers an easy-to-use interface for configuring your site’s caching parameters and connecting it to third-party technologies such as a CDN for your images and videos.
These plugins can be installed on any Wordpress site, regardless of whether it’s an e-commerce shop, informational site, or just a simple blog. If you’re looking for plugins that solve very specific problem or provide functionality that may be unique to your site, there’s probably one out there if you do enough research. Of course, we’d be happy to help you...just drop us a line.