Title: Security Plugins Last modified: June 5, 2018 --- # Security Plugins * [ronnny](https://wordpress.org/support/users/ronnny/) * (@ronnny) * [7 years, 12 months ago](https://wordpress.org/support/topic/security-plugins-13/) * Besides Wordfence, is there any other good plugin for security that I can use on a WordPress site? Viewing 5 replies - 1 through 5 (of 5 total) * Moderator [Steven Stern (sterndata)](https://wordpress.org/support/users/sterndata/) * (@sterndata) * Volunteer Forum Moderator * [7 years, 12 months ago](https://wordpress.org/support/topic/security-plugins-13/#post-10363843) * Don’t use more than one at the same time. * [https://wordpress.org/plugins/search/security](https://wordpress.org/plugins/search/security) * [LandyVlad](https://wordpress.org/support/users/landyvlad/) * (@landyvlad) * [7 years, 12 months ago](https://wordpress.org/support/topic/security-plugins-13/#post-10363939) * OK I’ve had a look at those too. * I’m wondering which is the best FREE option. (i.e. not requiring a premium purchase or a subscription). * Wordfence talks about 30 days delays for various things, which sounds less than ideal… Sucuri seems pretty good. * Sa, to all, interested in thoughts on this please? * [@ronny](https://wordpress.org/support/users/ronny/) is there a reason you are looking at wordfence alternatives? Come across particular issues? * [te_taipo](https://wordpress.org/support/users/te_taipo/) * (@te_taipo) * [7 years, 12 months ago](https://wordpress.org/support/topic/security-plugins-13/#post-10363995) * Security plugins come in a variety of shapes and sizes: – quasi anti-virus: detect changed files, malware, warn, replace files etc – block bad activity: most look for obvious attempts at attacks – request flooding: many provide spam captchas, rate limiting logins etc – xml-rpc filtering: providing ways to disable certain ways the xmlrpc.php file is used by attackers to flood a server or to bypass login security – all of the above and more * There are limits to what a security plugin can do, it is after-all subject to attacks on your website files as are any other file on your server. Think of them like your antivirus/anti-malware installed on your computer desktop – in that they do well at catching known/older issues, and generally miss the really new ones, but are often updated shortly afterward to prevent them from re-ocurring. * Some make arbitrary changes to the way your website functions in ways you may not understand until you try a certain *thing* and it doesn’t work, and some conflict with others. * By far though the best practices are: – keep your website, themes, and plugins up to date – install only the plugins you need, remove ones you are not using– same goes for themes – host your website on a reputable webhosting service * [LandyVlad](https://wordpress.org/support/users/landyvlad/) * (@landyvlad) * [7 years, 12 months ago](https://wordpress.org/support/topic/security-plugins-13/#post-10364046) * Thanks 🙂 Doing most of the above. (I do have a few unused plugins- mostly so I can try to figure out what they do and mostly Contact Form 7 plugins) * Thread Starter [ronnny](https://wordpress.org/support/users/ronnny/) * (@ronnny) * [7 years, 12 months ago](https://wordpress.org/support/topic/security-plugins-13/#post-10371718) * Thanks guys for the information. Viewing 5 replies - 1 through 5 (of 5 total) The topic ‘Security Plugins’ is closed to new replies. * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) * 5 replies * 4 participants * Last reply from: [ronnny](https://wordpress.org/support/users/ronnny/) * Last activity: [7 years, 12 months ago](https://wordpress.org/support/topic/security-plugins-13/#post-10371718) * Status: not resolved ## Topics ### Topics with no replies ### Non-support topics ### Resolved topics ### Unresolved topics ### All topics