Security is top of mind for WordPress users right now, or at least it should be. WordPress' popularity all but guarantees it will be a favorite target of hackers and criminals for the foreseeable future. As a result, more businesspeople are taking extra steps to ensure their sites are secure.
"Many small businesses appreciate the power of WordPress, but many of these same businesses fail to recognize that WordPress is a common target for hackers," said Josh Waldron, founder of the Web design firm Studio JWAL. He's a fan of Login Lockdown. The plug-in hasn't been updated in a while, but Waldron said it has worked well for him on WordPress 3.0 and up. "If a person or automated script is looking to gain access to your dashboard, this tool will deny them access sooner rather than later," Waldron said.
Laurie Morse-Dell of Pup's Place likes Better WP Security (pictured), in part because it you don't need to be a hardcore security pro to use it. "[It's] very easy to set up and use and gives you a nice color-coded system for rating the security risks of different parts of your site," she said. "Any novice can walk through the site suggestions it recommends and there are great explanations for why you might want to make each of the changes or how changes might affect other parts of your site."
Skip Shean, CEO of 16wells, likes Sucuri to prevent his customers' WordPress sites, many of which are in the financial services sector, from becoming malware farms. "[It] heads off a lot of problems for clients around malware and other Internet stupidity," he said.