August 23, 2015 at 15:17 UTC - Views: 50 #18159GR8FLParticipant
I have been using the premium version of WordFence (https://www.wordfence.com/) along with BruteProtect (https://wordpress.org/plugins/bruteprotect/) for managing my security. However, Brute Protect is now part of JetPack which I am not a fan of for many reasons. Mostly it is bloated
Does anyone know of an alternative for this plugin?
What do folks here use for security?
Thanks in advance.August 23, 2015 at 19:22 UTC - Views: 6 #24135WeaverKeymaster
In my experience, it is often very iffy to use more than one security plugin at a time – they often conflict with each other.
I don’t know anything about BruteProtect, or what it might do.
I do use WordFence plus CloudFlare. These two use different protection techniques. WordFence (and other WP plugins) run on you own site, and are only as good as your base site configuration. CloudFlare is an extrenal mechanism, and can block attacks before they even reach your server.August 23, 2015 at 20:43 UTC - Views: 7 #24136GR8FLParticipant
Thanks for your response!My hosting company provides an option for CloudFlare. I remember trying to use it once with mixed results, some of which were not so good (however, can’t remember why at this point). Are you doing something like this with your host company or directly through CloudFlare?August 23, 2015 at 23:15 UTC - Views: 6 #24137WeaverKeymaster
Actually, your hosting company doesn’t have to have anything to do with CloudFlare. I had better luck doing it myself.
It is fairly easy:
- Create your CloudFlare account at cloudflare.com
- Find out the IP your host is using to server you account. For most hosts, this will be a single IP that works for ALL of the sites on the account. If I recall right, the CloudFlare setup might figure this out.
- After you get cloudflare all set up, you switch your DNS settings. You point your domain’s DNS server (ususally on your hosting company) to the DNS server names that CloudFlare tells you. You then point CloudFlare to the hostings company’s IP.
- After a while, all traffic to your site will go through CloudFlare first. CloudFlare does some significant filtering of bad IPs and other requests first. It will also cache a lot of your site’s static content (images, etc.) – about 30% it seems for WP sites. A WP cache will still work, too.
- If you get a denial of service attack on your site, you can go to your CloudFlare account, and turn on the “I’m under attack” setting, and the attack is stopped almost instantly. After a while, you turn that setting off again.
- The forum ‘ Recommend a WordPress Plugin’ is closed to new topics and replies.