by Adam Preiser updated December 27, 2017

What Is The Best Security Plugin For WordPress – 5 WordPress Security Plugins Compared


Share on facebook
Share on twitter
Share on linkedin

Not sure what the best security plugin for WordPress is? In this video, I will be looking at 5 different WordPress security plugins and sharing my experience with each of them.

This video is part of a video series on WordPress security. It will be organized in a WordPress security playlist.

Here are the links to everything discussed in the video:
Security Plugins
Article on Wordfence
All In One Security
iThemes Security

Video Transcript

In this video and it take a
look at five different WordPress security

plug-ins and wouldn’t talk about the pros
and cons of them and see which ones best for

you hi my name is Adam from
or make WordPress videos for non-techies if

you enjoy the content in this video consider
clicking on the unsubscribe button if you

want video notifications click on the ballot
to the right and you too will let you know

when I upload a new video were talking about
security this is a video series this video

minute talk about the plug-ins and then in
the next two or three videos I will show you

tutorials on some of these plug-ins so that
you know how to configure them properly this

videos Morgan it help you decide which security
plug-in is for you and us were to just go

through them now unfortunately with WordPress
there’s a lot of security plug-ins and you

do need to use one so if you go to
and do a search just for the word is security.

You get a variety of results now before I
start talking about these plug-ins let me

know let let you know what is not secure about
WordPress that WordPress itself is a very

secure whenever there is a vulnerability discovered
they patch it before anybody knows it is a

pretty secure platform it’s typically not
that WordPress’s insecure it’s more there

is an insecurity with a plug-in that you have
installed or a theme that you have installed

and then there’s also that login form where
you would log in your WordPress website there’s

also was called brute force attacks on that
so you basically need a plug and that’s can

protect you from a lot of that now the best
security anyone can implement is having a

good backup I do have a video on how to create
a backup doesn’t cost any money just take

maybe five minutes of your time to set up
and automating have these off-site backups

happen because the security plug-ins one thing
that they’re not going to protect you from

is if your web host is attacked and there’s
a vulnerability in the server that your website

is on a perfect example of this is a Bluehost
they have had numerous numerous problems of

where where people would just the web WordPress
websites would be totally hacked into and

it wasn’t because there was a vulnerability
with WordPress or a plug-in it wasn’t that

it wasn’t secure it was at their servers were
insecure their servers were being hacked and

they didn’t have a solution other than to
say give us 300 bucks and will clean it up

before you soak the best security measure
you can take right now is to make sure that

you have a good backup system in place and
you know how to actually restore those backups

now with that said let’s take a look at some
of these security plug-ins so obviously the

most popular and widely used one is going
to be right here in it’s called the word fence

now I personally have used the word accept
personal use like all of these I personally

use the word friends myself I know a lot of
people that use word friends and I come across

a lot of people that use it in they don’t
second-guess it or consider any other security

plug-in however I do want to let you know
yes the word fence is a really feature packed

but at a cost in is not a money cost it’s
a performance cost on your website so word

fence has performance issues and they’ve had
it had performance issues on every website

I’ve ever installed it on and what I mean
by performance issues is your website loads

slower than if you didn’t have a word fence
installed in fact if you want to read some,

could very current comments on this output
a link down below to this a blog post on elegant

themes of blog and elegant seams blogs they
just put information about products of this

is about word fence but if you look here there’s
143 comments and that’s where I would encourage

you to scroll down and read typically what
I tend to notice is people that pay attention

to performance and actually know how to test
performance those are the ones that saying

it’s a huge performance hit the people that
don’t know how to test their performance and

that’s most people and that’s okay but it’s
those people are the ones addressing word

fence is the greatest thing ever I put it
on every single website but they’re not testing

the performance and there are some reviews
that I’ve read about performance going from

a one second load time before word fence and
then you they install word fencing out seven

or eight seconds of load time and the thing
is is it these security plug-ins they need

to communicate back and forth with the work
the database on your that’s that has all your

data in it for WordPress there’s this communication
are called database calls going back and forth

and that is what is going to slow down your
website now my personal expenses word fences

that is what happened and there is a default
feature that is on by default with word friends

were it’s called life of you so most people
just install activate and then there off to

the races but that live you will really slow
down your website and make the size of the

database that WordPress is stored and it’s
going to make it grow very large because it’s

logging in tracking everything in real time
it’s really getting of your performance and

so I am going to do a tutorial in this video
series on word fence and how to set it up

properly no word France also has a paid version
so there is a free version and a paid version

the paid version if you’re buying it on a
site by site basis in your and have lots of

sites it gets pretty expensive pretty quick
but what I do like about word fence is it’s

a singular focus company in a singular focus
product what I mean by that is they do security

that said they don’t do a million different
things they just do security so that is a

huge plus and the second huge plus and this
is what I consider a must and that’s why some

of these plug-ins I’m to talk about are there
instantly disqualified then the word fence

does this and another one that I’m to talk
about does this where you’re kinda connected

into this word fence and network and what
I mean by that is the number one attack that

every single word press website is going to
get is just a simple brute force attack on

your login form and what that means is some
automated software is going to try a bunch

of usernames and a bunch of passwords and
just keep hammering at it until it figures

it out now what this does is it makes a put
so much pressure on your web hosting account

and that your sites can get slower slower
slower and you could even get your web hosting

account suspended depending on how aggressive
it is doing this now with word fence you’re

connected into their network and what that
means is if if this bot goes to one site that

has word friends and tries to log in and it
has two or three depending on how it’s configured

failures then there the IP address of that
bot goes into the word fence network and then

your website is going to because it’s also
an outward pheasant defense network if that

same body goes and tries to attack your website
they won’t even get to attempt to put in a

username and password because it’s a band
globally on the network and that is I think

the most important feature when evaluating
any of the security plug-ins is to have that

feature word fence has it built into the free
version of word fence so because of that I

do like the word fence for people that insist
on using it I’m going to have a tutorial on

word fence I don’t have the cost of the paid
version off a hand but I think is like maybe

50 bucks or 80 bucks a year or something like
that for single site I put a link down to

this article right here below but essentially
you just want to click here you want to scroll

down and just read out through the, the comments
and you have people that are testing it for

performance and they are letting you know
what is what the next one is this all-in-one

WP security firewall and this is kind of a
tip when you’re evaluating any plug and that

your and installing your website when you
scroll down and you see the description and

you see a video that looks like it was from
the 1990s that’s an indication that maybe

this isn’t the best plug-in for your website
and that is the immediate impression I get

when I see this this is a super old version
of WordPress that they have in this video

and this really this this plug-in I’m not
recommending it okay number one it doesn’t

have that network were you can patch in and
benefit off of the information that other

websites that have the same plug-in installed
on you’re not getting that and that is an

immediate disqualifier and plus I like a company
that has a singular focus on security and

that is not this this the developer right
here I wouldn’t even give this a second look

but here let’s look at their website and that
could maybe further confirm why I don’t recommend

this plug-in I just you know tips and tricks
and I’m just looking at

that and like, this is this what I want to
trust with something important like security

and the answer is no so anyways Alana looks
like it hasn’t even been updated in a year

so this is definitely one that I wouldn’t
I wouldn’t take the time of even installing

on your website next were to look at security
now security is a security company and they

had that singular focus and they were actually
purchased recently were maybe six months ago

by Go Daddy so there now go daddy and they
have a singular focus I’m kind of iffy on

this that it’s a comes tied to an expensive
monthly service while its relative what expensive

is and they also have some kind of different
protection plans and whatnot I’m not really

a fan of the security plug-in personally I
think what they do good is if your site has

been hacked and there is all kinds of things
screwed up you go to them you pay them the

money and they’ll go there and though clean
it up I think the really good at that and

they also have a firewall for WordPress and
the really good at that but I don’t think

it’s the most feature-rich security plug-in
that’s out there and this one actually compared

to the other ones has some more bad reviews
than some of the other ones however in this

video series I am going to walk through security
specifically because of the reputation that

they have is pretty good next working to move
onto and I’m just gonna let you know this

is my favorite I’ve used all of these this
is my favorite this is what I use on every

single website it used to be called better
WP security and then I themes purchase them

now I will say I’m not really a fan of of
of all the stuff that that I themes makes

and I don’t think there probably a fan of
everything they make two days there was just

an article out where they had basically built
a WooCommerce competitor called exchange and

they they they gave it off to a different
developer a different company because they

just weren’t probably that passionate about
it and they decided to focus on only two of

their products I theme security and backup
buddy I don’t like back a buddy but I really

like I themes security this is a fantastic
plug and this is going to be what the next

video in this video series is about my personal
experience with that I theme security is it

doesn’t it has not slowed down my website
one bit it also has that network that you

get the plug into you can benefit of one side
is being attacked it sucks and that information

in it.

Proactively secures your website and that
is all in the free version is also a paid

version on the paid version adds a some bells
and whistles to be honest I don’t I do have

the paid version but I don’t use really any
of the paid version features a but there really

really cool stuff that this does so here some
of the pro features right here two factor

authentication I find that the most inconvenient
thing possible I don’t like it personally

the WordPress salts I have used that I’ll
have to explain that in the video malware

scanning this is good but I’ve never had any
malware on any of my WordPress websites password

expiration this is cool if you want to have
your users force them to have to change their

password or update their password Google recapture
that works very well for me I’m actually using

that feature to reduce the spam on my website
user login I don’t use that import export

settings this is actually good when you set
up a new sites you can just import the settings

and have it all configured I do like the dashboard
widgets and this right here is probably my

favorite feature temporary privilege escalations
this essay you have a developer or maybe a

theme developer you have some problems you
need to get them into their your website you

can create an account with the for them and
give them access and make it an admin but

you can have that admin rights expires you
don’t have to remember to log back in and

change the password or log back in and lower
what they’re able to do you can do it with

this temporary privilege escalation so in
then this is what I sought out the brute force

attack protection network and this is where
if someone’s brute forcing another website

with I theme security Juergen to benefit from
that because they won’t even be able to log

into yours and there’s some really neat things
as well you can have your log inability not

on at night so say you know you’re never in
a log in your website from 10 PM to 7 AM you

can have it so no one can even log in between
those hours you can do some really neat stuff

with this and this is the one that I like
here’s the website for the paid version right

here now if you’re going to go with with the
paid versions of anything of any of these

your best value is really going to be out
of the I themes one because if you go the

word fence it’s cost per site annually and
with high theme security say you are making

websites for customers right here they have
a lifetime options you just give him 300 bucks

and a you can use it on unlimited sites and
you get lifetime updates which is really rare

these days and you only get one year support
which is reasonable so if you want support

after the one year I’m sure there’s some reasonably
priced fee I have never needed support and

it works really well for me and that’s all
that that cost let’s take a look at this one

right here is called a defender now defender
is from WPMU dev and that’s a website I know

it’s kind of a tongue twister there and they
make this is like a hodgepodge of plug-ins

that they make in and all kinds of different
things things that they make and what I found

with their stuff is they they they look good
but none of them really work well because

they don’t specialize in anything there that
will actually specialize in one thing that

it’s called WordPress multisite and that’s
it their WordPress multi site I here’s their

stuff is good but everything else it’s just
like a me too product while everyone else

has a security product will we want one to
an everyone house has an opt in product so

we want one to everyone else as a page builder
so we want went to I tend to stay away from

trusting my website with those types of companies
that make those types of products and that

is the BPM you Deb but essentially this is
a security plug-in that it’s a freemium they

recently released it on the freemium model
they’ve had the paid version for a while and

the thing I don’t like about it it’s a pretty
plug-in and I think where they excel is in

supplant simplicity it’s a lot more simple
to install and configure but what I don’t

like about it is you don’t get that network
feature that brute force networking feature

with the free version you do get that the
paid version of this so this is a another

plug in so out of these five plug-ins I meant
to do tutorial on the word fence on the do

tutorial on I themes security my favorite
is I theme security am also going to do tutorial

on security in these videos and I’ll be in
a playlist and I’ll release one a day over

the next couple days tomorrow most likely
I will do the I themes security one so these

are the various WordPress security plug-ins
that I am going to evaluate and recommend

and I’ve used anima to make tutorials on but
I want to know what security plug-in you use

and why and I also want you to say if you’ve
tested your speed with it on or off and that’s

a big question people will say oh I love XYZ
but they’ve never tested the speed of their

sites with it enabled and with the disabled
I think people would be shocked with a see

if they have word fronts on their website
so anyways thanks for watching this video

leave a comment down to below

My passion is making the best quality video tutorial online, for non-techies. When I am not behind the camera, I am usually helping out one of my YouTube subscribers.

Join The Conversation

Your email address will not be published. Required fields are marked *

  1. Hi Adam, thnx for this great video!

    Just wondering: do you know anything about Shield Security for WordPress? And if so, what’s your opinion?

    Looking for a good security plugin, this one got my attention, and by the reviews around, it seems to do a pretty good job…


    1. Hey Marc, I have never heard of that one. I know there is a bunch out there, I just always want one that has a centralized blacklist.

      1. Hi Adam, just installed iThemes, and it feels quite good. However, 10 minutes later I watched your video (webinar) with a topic “Is iThemes still reliable?”Guess what: I’m doubting again…

        In the past I’ve always used Wordfence, and with Live Traffic turned off (and may be some other settings) and WP Rocket as caching plugin, I’ve never experienced performance issues. As said, I gave Shield Security a try and it seems to do a good job too.

        Just wondering: have you done any more research, and can we expect a video on security one of these days; a kind of update/follow up?

        And don’t worry mate, you’re not responsible for me listening to your info and making my own choices; the one responsible for that is just me 😉

        1. So it’s tough. I prefer iThemes Security over WordFence, but those are the only 2 with a centralized network to limit brute-force attempts, which I think is a must. That being said I am not happy that the company changed hands, that has traditionally always been a negative.

          1. Thnx for the info again, Adam; didn’t know Wordfence has a centralized network too. Good to know! Yesterday I decided to move my hosting to Siteground, since they get tons of excellent reviews (about speed, security, customer support etc). I read their page about WordPress security with Siteground hosting:


            It says nothing about using an additional plugin. So I asked the guys: “So if I decide to host my site at Siteground, and follow the steps in the tutorial ( without addional plugin, I should be pretty safe?”

            The answer: “Yes.” Period.

            And: “Actually it is indeed since we pre-secure the hosting on multiple level, we are fully managed WP webhost; as such we make sure our clients will have minimal effort and carefree experience.”

            So with their hosting, I hope it’s indeed not really necessary to have additional plugins; and just to be sure, I guess I’ll use Wordfence (again), since they have a centralized network as you explained.

          2. A good host will have some proactive measures in place, but it will not fully replace a security plugin solution. They pretty much only watch for brute-force login attempts.

Stay Up To Date

Enter your name and email for the lates news, updates, and tutorials.