I’ve always appreciated the efforts of WP Security Scan, however there are few things that need to be updated in that plugin so that it offers a complete security plugin package. There are various threats on the internet when it comes to using a script like WordPress or any other blogging software script. SQL Injection, Cross site scripting are some of the dangers that we can instantly think of as soon as we talk about securing scripts.
In order to fill the gap that was left by WP Security Scan, seo eggheads has released a plugin that helps you block these kind of attacks and do much more than that. A short description of what it can do was seen on their plugin page -
* Detect, intecept, and log suspicious-looking parameters — and prevent them compromising WordPress.
* Also protect most WordPress plugins from the same attacks.
* Optionally configure as the first plugin to load for maximum security.
* Respond with an innocuous-looking 404, or a home page redirect.
* Optionally send an email to you with a useful dump of information upon blocking a potential attack.
* Turn on or off directory traversal attack detection.
* Turn on or off SQL injection attack detection.
* Turn on or off WordPress-specific SQL injection attack detection.
* Turn on or off blocking executable file uploads.
* Turn on or off remote arbitrary code injection detection.
* Add whitelisted IPs.
* Add additional whitelisted pages and/or fields within such pages to allow above to get through when desirable.