6 thoughts on “WordPress Security Plugin Recommendations

  1. A few comments…

    MVIS Security Center does seem to provide a new niche service that will keep you out in front of new exploits and vulnerabilities. However, there’s a catch. Being that they are based in Singapore, the terms of use and just the fact they are foreign based is going to make this a no-go for certain companies.

    Instead of Audit Trail, I’m using ThreeWP Activity Monitor, which seems to do most if not all of the same thing, but makes it a bit easier to comprehend.

  2. Yeah, the MVIS terms, and the fact that it sends data to their servers, can definitely be a problem. I wanted to use it with an enterprise client a few months ago, but wasn’t able to for those reasons. One idea I’ve had to work around that, though, is to setup a dummy blog with no content, and then install MVIS and copies of the plugins that are activated on the real blog.

    That way you still get the alerts, but don’t risk compromising any data. The downside, though, is that you have to keep the plugins in sync. It’d probably be fairly easy to write a script to do that with WP-CLI, but I haven’t had the time to try yet.

    Thanks for the heads up about Activity Monitor. I’ve added that to my list and will have to try it out :)

  3. Great blog post. A previous developer installed Bulletproof and while it seems to be doing its job, we would like to try something else.

    What do you think I need to know before uninstalling it? Will it leave a generic .htaccess file or will I have to make one from scratch?

    Thanks for you thoughts on this!

    • I’m not sure about the uninstall process, you should probably consult their documentation on that. I wouldn’t be surprised if they fail to leave the .htaccess file in a pristine condition, though, so I’d recommend backing it up before the uninstall, and manually reviewing it afterwords.

Leave a Reply

Your email address will not be published. Required fields are marked *