How do you protect your wordpress blogs?
 

What plugins do you use for protection against malware? And what do you do when your blog is already infected? Prefer free versions of plugins? :-)

Personaly tried sucuri and anti-malware.

Block Bad Queries + Limit Login Attempts

Thank you. How long do you use this combination?

4 years +

You may try All In One WP Security & Firewall.

There's a few things you can do immediately.

• Read the WordPress codex for steps in Hardening Wordpress
• IP protect your Wordpress Login files so that ONLY the IP's you use can access the files.
• Have your host install fail2ban
• Use common sense. The weakest part of Wordpress is the lack of keeping it updated and a tendency to rely on 3rd party plugins and themes. Not only does an abundance of plugins slow your site down, they contribute to sites breaking on update. If you have to use plugins, make sure to keep them updated and use ones from quality sources.

There's other things you can do. But the above is fairly straightforward and won't clutter up your database with the security plugins out there.

Even cloudflare is an option as they have web application firewall (WAF) rules already in place for Wordpress specific targets.

some hosts take care about that for you.

1/ .htacess to lock wp-admin page
2/ never download a cracked themes
3/ download plugins fro trusted sources
4/ keep your plugis updated and remove the old ones

i wear a condom whenever im posting

+ A Next-Generation Firewall
+ A Next-Generation Firewall configured the right way by qualified staff

Use these 2 plugins:
https://wordpress.org/plugins/better-wp-security/
https://wordpress.org/plugins/wordfence/

Iq bloker..you can block countries and ips

You can only move to a new server once you are infected. There is no other solution.

To stay good? Htaccess whitelist access to admin, login, etc

I never tell anyone my password. Worked until now.

besides that, Sucuri, Wordfence , WP Limit Login Attempts and most of the sites are accessible only through my Infinite WP CP, not directly.

thanks a lot for so many helpful answers

What else do you use with iq block? Thank you for answer.

99% wortheless since the majority of scripted-hacks are done by global botnets = you have to block out every country to be safe.

never download a cracked themes - good advice....)

great thread, because if you ever experience malware on your sites, it's the biggest pain in the ass of anything in the world :disgust

right. how did you fight it?

Hired someone from GFY to fight it, he helped a bit but disappeared about a month ago :Oh crap

note to everyone, never pay full upfront for anything, gives more incentive for people to mysteriously "disappear"