With all of the recent news about WordPress sites being hacked using Brute Force methods, a couple of folks have ASKED what the BEST security methods are for protecting your site.

1.  Get familiar with your site and your .htaccess file.  That is the BEST defense against hacks.
Adding deny from xxx.xxx.xxx.xxx to this file will BLOCK a specific IP address.

2. Make sure to change your Username and Password for the Blog.  Leaving the username as ADMIN is all but guaranteed to get you hacked.

3. Some Plugins to take a look at:

  • AKISMET: This will block spam and give you the IP address of the spammer or the PROXY they are using.
  • AVH First Defense Against Spam (integrates with SPAMHAUS and Project Honey Pot): If the visitor is on that list you will get a SPAM or HAM list.  It offers blacklisting from inside the Plugin.  Adding the IP address to your own .htaccess file is BEST.
  • Block Bad Queries (BBQ): This Plugin protects WordPress against BAD URL Requests.  Many WordPress folks use this in locations where the .htaccess file is not available.
  • Limit Login Attempts: This plugin sets the NUMBER of times a user can attempt a login before that IP is blocked from access to the blog for a certain period of time.
  • Register IP: This plugin grabs the IP of the user when they Login.  Useful for checking NEWLY Registered Users against spam and malicious user databases.
  • Simple Login Lockdown: Another good tool to prevent brute force attempts.
  • Ultimate Security Checker: This plugin offers support for the WordPress ADMIN to check the site and see if there is anything that may need to be cleaned up so the site is harder to hack.

This of course is NOT a CONCLUSIVE list, but it’s a good list of Plugins to get you started.  Update: 04/22/2013 – If you have had experience with a plugin that works well, please let us know.  I’d love to grow this list.
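
Step 1 and the Limit Login Attempts entry describe the same control from two sides: count login attempts per IP, then block the offender. The script below is an added example (not from the original post or from any plugin listed) that scans an Apache access log for repeated POSTs to wp-login.php and produces the matching deny from lines; the combined log format, the threshold of 4 attempts and the 5-minute window are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

def _line(ip, hms, method="POST", path="/wp-login.php"):
    """Build one constructed Apache combined-format log line."""
    return (f'{ip} - - [22/Apr/2013:{hms} +0000] "{method} {path} HTTP/1.1" '
            '200 3512 "-" "Mozilla/5.0"')

# Constructed sample log (documentation-range IPs, not real traffic).
SAMPLE_LOG = "\n".join(
    [_line("203.0.113.7", f"10:00:{s:02d}") for s in range(0, 50, 10)]  # 5 POSTs in 40 s
    + [_line("198.51.100.23", "10:01:00"), _line("198.51.100.23", "10:01:30")]  # mistyped password
    + [_line("192.0.2.44", f"{h:02d}:00:00") for h in range(8, 13)]  # 5 POSTs over 4 hours
    + [_line("192.0.2.99", f"10:02:{s:02d}", "GET") for s in range(0, 60, 10)]  # page views only
)

# client IP, timestamp, HTTP method, request path
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)')

def find_brute_forcers(log_text, max_attempts=4, window=timedelta(minutes=5)):
    """Return IPs that sent more than max_attempts login POSTs within one window."""
    attempts = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        ip, stamp, method, path = m.groups()
        # Only form submissions count; GETs just display the login page.
        if method == "POST" and path.split("?")[0].endswith("/wp-login.php"):
            attempts[ip].append(datetime.strptime(stamp, "%d/%b/%Y:%H:%M:%S %z"))
    offenders = []
    for ip, times in attempts.items():
        times.sort()
        start = 0
        for end, t in enumerate(times):
            while t - times[start] > window:  # slide the window forward
                start += 1
            if end - start + 1 > max_attempts:
                offenders.append(ip)
                break
    return sorted(offenders)

def htaccess_rules(ips):
    """Format offenders as the .htaccess lines described in step 1."""
    return [f"deny from {ip}" for ip in ips]

if __name__ == "__main__":
    print("\n".join(htaccess_rules(find_brute_forcers(SAMPLE_LOG))))
```

The deny from form is the Apache 2.2 syntax used in step 1; Apache 2.4 expresses the same block as Require not ip inside a RequireAll section.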