What security plugins are good?

What security plugins are good?

56% of all CMS applications were out of date when hacked

What security plugins are good?

What security plugins are good?


Reflecting on our expertise in this area, we will provided guidance on the security plugins you should use and why.



What Security Plugins ithemes and Sucuri

What security plugins are good?

Nobody wants to see their website come under attack. It is after all a significant part of your brand identity and a gateway to communicating with existing and potential customers or clients. However, an average of 30,000 websites are breached by hackers every day. Less than 3% of hacks on WordPress are due to the core files themselves. It’s the array of themes and plugins that are the main areas of weakness. In fact in 2019, over 56% of all CMS applications were out of date when hacks happened. Obviously, you want to avoid spending time securing it and recovering your content. That’s where security plugins play a vital role in WordPress. With a sea of potential add-ons to choose from, we understand you may need some guidance. That’s where this discussion of key security plugins comes in.

Which ones we recommend

iThemes Security

ithemes security

This is an essential security plugin that we trust as an agency. Indeed, we wouldn’t dream of developing a website without installing it. Offering over 30 useful security features, there are no ‘fillers’ across the free or pro versions. Enjoy manual or automated malware scans, spam comment reduction, and scheduled database backups.

It also bans known bots as well as specific IP addresses. WordPress Brute Force Protection will prevent bad users from trying to guess your password after a pre-set number of attempts. Bots scanning for weaknesses won’t get far either; instead, they’ll find a customisable 404 error message. Think of iThemes as a doorman with initiative, who’ll guard against hackers entering your site. File change detection alerts let you know if you’ve been targeted, so you can respond immediately and protect your business. As part of the complimentary service for all our maintenance plans, we can configure this plugin to meet your website’s needs and ensure peak performance.


We’re also a fan of Backupbuddy due to this plugin’s dependable and problem-solving nature. It’s worth noting how WordPress has no default backup system, leaving your website open to 3 stomach crunching possibilities:

  • Security breaches (see above)
  • Server malfunctions
  • User error (such as deleting files accidentally).

Growing your site without a backup plugin installed is like shredding the only copy of a content plan or the sole business card of a valuable new connection. In a word, it’d be ‘disastrous’ and could cost you lost sales. This is why we use Backupbuddy to bring you peace of mind.

This plugin may cost money but you’ll thank it for backing up your pages, posts, and widgets like other backup plugins do. It goes further though and can introduce backup files of image and video uploads, theme preferences, onsite databases, and WordPress settings. This saves you time when you need to act fast and restore your online presence. Instead, we recommend regular backups of your entire site; ensuring duplicate files are saved (offsite) securely. A backup plugin is a must as with security plugins.


Select this free plugin if you want your website to perform quicker. It can even enhance the security plugins you already so you won’t have conflicting security plugins. Its range of intelligent features includes file integrity that helpfully detects when new content is added, security activity auditing which roots out suspiciously frequent login attempts, and blacklist monitoring to ensure your site is never unknowingly blacklisted following a breach. It homes in on gaps in your software and removes your WordPress version display that can otherwise let unscrupulous parties lock you out of your site. Remote malware scanning is a breeze with Sucuri’s SiteCheck feature.

Guarding against hackers and their malware is Sucuri’s party trick. This eliminates the bots and ensures your visitors are actual humans interested in your services or products. How does it do this? The answer lies in the onion-like volume of layers built into its cloud-based website firewall, which aims to shield your website(s). Hostile requests struggle to reach these sites due to clever filters; Sucuri’s positioning between your internet host’s server and the internet ups your security.

This may sound complicated but the beauty is this plugin does all of the work for you with handy security notifications you can tailor to your preferences. Add in its post-hack security actions that offer helpful suggestions on how to resolve the situation should the worse happen, and you can appreciate why we’ve highlighted this plugin. We run both iThemes Security Pro and Sucuri on sites to give them the best security options on the sites we maintain.

Why we recommend website maintenance plans

Taking all of this into account can be overwhelming. This is why as an agency we offer maintenance plans and we believe these are essential for any website.

To give you an idea of what we offer and the costs involved, the volume of content and frequency of updates on your website will probably determine which of our 3 maintenance plans you select. Each plan has an array of offerings however with regards to backups these are what each plan offers:

  • The ‘Basic’ option – from £150 per month – includes daily database and weekly full backups
  • The ‘Intermediate’ option – from £200 per month – exceeds this with daily full backups
  • The ‘Advanced’ option – from £250 per month – includes this plus a staging site to try out and test.

In short, you’ll never have to try to remember which posts and pages were published. Note that website hosting can be insufficient when a server decides to crash.

Almost all of our clients have website maintenance plans with us, plus you can always ask us for advice on WordPress and its plugins; please note development work is not included in the basic plan. Having a plan means you can focus on running your business and not worrying about your website. Do feel free to reach out with any queries on this subject or our website building services.


Security plugins are a must on all websites and even more so when using a popular cms system. Without these you are inviting hackers to try and exploit your shop window.

We hope that you have found this article helpful, and it has encouraged you to improve your security. However, if you’re still hesitant or want to outsource your website design tasks to experts, we’re an award-winning agency that offers a friendly service. Why not talk to us about your needs and ambitions for a website or maintenance.


This is a unique website which will require a more modern browser to work!

Please upgrade today!