No matter whether you’re a newbie to the WordPress platform or a seasoned professional, one thing that should never be forgotten is the important role security takes in regards to your site. Sure, the core WordPress program comes with fair security features, and if you’re on a hosted server there’s likely a few more safeguards in place. But to really protect your website against hacks, brute force attacks and the dreaded “denial of service” quagmire, all site owners and administrators should look carefully into adding a firewall via a plugin.
Also called a “web application firewall,” these plugins create an effective shield between your site and anything and everything that comes to it. They can also monitor your traffic and quickly and easily block the most common security issues before they get to your data, and indeed do so most likely without your knowledge. And there’s an added bonus to installing a firewall plugin: they’ve been known to increase speed and performance by blocking traffic that has the potential to cause problems.
There are two types of firewalls site owners should be aware of: DNS Level programs reroute your site’s traffic through an independent server and then cull out the garbage, allowing only legitimate traffic to reach your own server. Application Level programs only look at incoming traffic once it has reached your server, making it slightly less reliable and secure.
If and when you decide it’s time to install a firewall on your WordPress site, here are a small handful generally considered to be the leaders in the current technology.
- With DNS Level intrusion and brute force prevention as well as tools to fight malware, the Sucuri firewall is considered one of the best in the business. All of a site’s traffic is routed through cloud proxy servers and all things sketchy instantly blocked. The plugin also boosts a site’s performance by reducing the amount of data impacting the server and optimizing archiving to accelerate load and response times. It may be a bit pricy for some ($200 per year), but keep this in mind: the folks at WordPress, who themselves us the plugin, report that the plugin blocked nearly half a million attacks in only three months.
- Like Sucuri, Cloudflare routes a site’s traffic through their network and weeds out anything detrimental or suspicious. However, their free version includes only basic protections against Denial of Service attacks and doesn’t include a website application firewall nor monitoring for file changes and other common threats. For this you’ll need to shell out some dough for their premium version ($20 per month for a pro plan or $200 a year for the business plan) to really take advantage of top-notch security.
- Wordfence Security does come with a built-in application firewall and is great at monitoring a site for malware, file changes, SQL injections, brute force attacks etc. But unlike the previously mentioned plugins Wordfence works from your own server rather than a remote proxy. This means anything malicious won’t get identified and blocked until after it reaches your server but, of course, before it gets through to your actual website. Another downside is, because it works via your server, it can really slow down the performance of your site if a ton of attacks happen simultaneously. On the upside the basic version is free and the premium version only runs about $100 a year.
- Lastly, another application firewall is SiteLock, which offers regular malware scanning and removal as well as security alerts and the like. A nice bonus is the plugin allows you to display their “trust seal” on your pages, which can really let your visitors and customers know that you take security seriously. There’s the standard Denial of Service protections etc., but be aware that SiteLock’s plans are little bit more expensive (from $300 to $500 a year).
