Quick list of common and popular WordPress security tips for automated scripted attacks. Wasted server resources translate in to slower websites and not a great user experience.
Securing WordPress Login
Limit the attempts to the login web page with the following plugins:
One of our favorites is:
Protect User Enumeration
Bots can source out your usernames, the following plugin disables it.
WordPress Firewall Plugin
Bots looking for weaknesses to exploit can be stopped with BBQ: Block Bad Queries. This is a simple ‘set it and forget it’ WordPress plugin. This is a great plugin to help protect server resources for invalid requests.
WordPress Firewall with .htaccess
Alternatively, one can set up a firewall directly within the .htaccess file and not having to use a plugin.
6G Blacklist is a definitive source of information for setting a firewall via .htaccess file
Ban IP Addresses
Ready to go ban IP plugin
Scan for Exploits and malicious code
This plugin searches through your WordPress install for signs that may indicate that your website has been compromised by hackers. Scans your posts, pages, plugins and comments