There are a number of comprehensive security solutions available for WP, notably including the very popular Wordfence Security plugin. I have a Wordfence quibble, which I whine about in another post, but to the best of my knowledge, Wordfence is an excellent choice for most WP users. My preference though is for light, fast, specific solutions as opposed to a single, relatively heavy, Swiss-army-knife style tool.
One such light, fast, specific solution is the 6G Firewall from Perishable Press. The 6G Firewall runs in htaccess, at the server level for optimum speed and minimum resource use. It blocks threats before they even reach my WordPress installation. Jeff Starr, the developer of the nG Firewall series, says it best:
This version of the nG Firewall is greatly refined, heavily tested, and better than ever. Fine-tuned to minimize false positives, the 6G Firewall protects your site against a wide variety of malicious URI requests, bad bots, spam referrers, and other attacks. Blocking bad traffic improves site security, reduces server load, and conserves precious resources. The 6G Firewall is entirely plug-n-play with no configuration required. It’s also open source, easy to use, and completely free, providing strong protection for any Apache-powered website.
The 6G Firewall is a powerful, well-optimized blacklist that checks all URI requests against a set of carefully constructed .htaccess directives. This happens quietly behind the scenes at the server level, which is optimal for performance and resource conservation. Most WordPress plugins require both PHP and MySQL, which can be overkill and even wasteful depending on the scenario and your overall security strategy. Implementing an .htaccess solution such as the 6G Firewall, the code is executed without invoking the memory and resources required for PHP, MySQL, etc. That gives you better performance while saving server resources for legitimate traffic.
The 6G firewall is one of several carefully selected components -all free – that together provide a layered defense that I prefer over an all-in-one solution. Other components include CloudFlare page rules, the plugins Limit Login Attempts Reloaded and WPS Hide Login, a custom security plugin, and miscellaneous configurations to CloudFlare, htaccess, wp-config.php, and php.ini.
For those unable to implement an htaccess solution – if running on an NGINX web server for example – Jeff offers the Block Bad Queries (BBQ) plugin.
WPPOV supports freedom from Net Neutrality and the GDPR. The Internet of the people, by the people, for the people, shall not perish from the Earth.