14 WordPress Security Plugins for a Clean Installation
After first installing a new website running WordPress there will be a number of tasks you want to handle. Securing the new installation is definitely a top priority. And thankfully there are tons of free plugins you can download right from the plugins administration page.
In this article I want to present 14 specific WordPress plugins which are helpful when doing a clean install. Any new WordPress-based website can benefit from a majority of these plugins. Additionally they are all free to download and the developers often update with version enhancements. You may not need every plugin but this is certainly an exhaustive list worth a quick peek.
1. Google Sitemap Generator
To get your webpages listed in Google will take some days or even weeks of crawling. But when you generate a unique XML sitemap the process may be expedited tremendously. I have to recommend Google Sitemap Generator for every single WordPress installation. Users never need to see this but it provides context for search engine crawlers to manage your content and organize pages by keywords.
2. W3 Total Cache
Contrary to the 1st example, I would argue W3 Total Cache is not necessary in every website. You need to consider what type of posts or pages you will publish on your site and if a local HDD cache will provide much value.
When you are posting lots of images and other media the caching system works wonders. W3 Total Cache will handle everything from database queries, video media, images, shortcodes, and other similar content types. When you notice your website pulling in major upticks of traffic this would be a good solution for wearing down on bandwidth transfers.
3. WP Maintenance Mode
It is not uncommon to perform updates or enhancements to your theme. When editing core areas of your site there are likely going to be errors among many trials. Instead of leaving these glaring bugs in the frontend for your visitors to see, why not try WP Maintenance Mode? This all-in-one plugin will allow you to switch into maintenance mode which directs users to a construction page, while admins can still observe the changes to inner pages.
4. Ultimate TinyMCE
If you are bored of using the default text editor then look no further beyond Ultimate TinyMCE. There are definitely similar examples to choose from, but this plugin is my favorite by far. You can setup additional buttons or switches which are customized right from the admin panel. It’s certainly not for everyone, but it may be worth a try if you are curious.
5. Better WP Security
Better WP Security is for webmasters who really want to cloak their site. It will provide a number of helpful changes such as a new URL for dashboard/login pages, renaming the admin account, updating the WordPress DB tables prefix, and even changing the location of the wp-content directory. This may be overly paranoid for some users but it is a keeper in the means of security.
6. CMS Tree Page View
After building a WordPress site using over 1,000 pages I can vouch that CMS Tree View is a very handy plugin. You do not want to be guessing at parent pages when editing a new webpage in the admin panel. And WordPress is admittedly not so great with a more traditional UI when organizing all your webpages.
7. Custom Upload Dir
One separate feature which many webmasters have been asking for is a place to remove uploads outside of wp-content. This WordPress plugin Custom Upload Dir allows you to do just that! It is still possible to customize the URL based on date, month, user ID, or post title. And you may choose any root folder like /images/ or /media/ which masks a lot of the default behavior.
8. WYSIJA Newsletters
Although still not as popular among users, the WordPress Newsletter system has grown quickly. It provides a means of keeping members updated with content while still using the WP users system. All e-mail addresses are easy to pull – but what about custom themes? This plugin will provide a backend theme editor for customizing newsletter pages. Very handy for marketing potential and it is quick to learn.
9. Syntax Highlighter
There are a number of helpful tools for displaying code in your pages. The syntax highlighter offers additional support for quickly copying codes into your page without rendering HTML or CSS. Additionally you can choose from a number of languages, and the list is growing with each update. I have yet to be disappointed with Syntax Highlighter so give it a shot if you have the opportunity.
10. Crayon Syntax Highlighter
Another code display plugin is Crayon Syntax Highlighter. This system is a bit more complex with the ability to add your own custom language rules. But you also have the options of referencing an external URL or file within your WordPress install. In this way you do not need to include all the code inline, but rather keep them separate from the regular content.
You never know when an accident can happen with your database, WordPress theme, plugins, or even the hosting server. It is a good idea to keep local backups of your website just in case of an emergency. And BackWPup is one great solution rolled into a single plugin. You can take the WP database, file systems, and even the wp-content folder which may be remotely stored or downloaded. Very simple to use for webmasters who are not savvy in the backend.
12. Yet Another Related Posts Plugin
Although related posts are not exactly necessary for website security, they do help to provide a better experience on new launches. Yet Another Related Posts Plugin is totally free and much smaller than the competition. It is an easily install and also very easy to manage. Check out the details page if you want to learn more.
13. Disqus Comments System
One plugin which I always recommend is the Disqus Comment System. Unfortunately since Akismet has a more confusing checkout system which appears to require money(donations), I have stopped using them altogether. Even though Akismet is still technically free, the process for obtaining your API key is ludicrous.
And leaving your WordPress comments form open to manipulation is very dangerous. So the easiest alternative is to use a 3rd party solution via Disqus. Give it a try and if you don’t like how Disqus operates you can always uninstall and go back to default. Or merely disable comments altogether and not have to deal with any spam.
14. Fast Secure Contact Form
The Fast Secure Contact Form plugin is definitely an easy setup. When you need a very quick and easy contact form then this is a great solution. There is built-in spam protection to keep you from getting a flooded inbox. The plugins is free to use and provides support for additional fields within any contact form. Definitely a good all-around solution for beginners and experts alike.