As technology advances, so do the dangers associated with it. It has never been more convenient to make and run a website, but with that, comes the risk of getting hacked. While many people undertake measures to protect their sites, there are still plenty of those who are not so technologically adept, and simply find the whole process intimidating.
Specially made for people with limited technical expertise, Security Ninja will not only highlight the weaknesses and problems, but it will also help users fix them and educate them in the process.
Installing Security Ninja
Security Ninja is fast, light and easy to use. Immediately after installation users can test their WordPress site for security issues and vulnerabilities, and get a full report on their site; including issues that can be exploited by script kiddies, hackers and the like. Besides getting a detailed report, Security Ninja also provides info on how to fix them.
To install the plugin, log into the WordPress admin. Once logged in, open Plugins, Click on ‘Add New’ and search for “Security Ninja”. A colorful Ninja logo will be the first result on the list. Click on ‘Install Now’ to begin the installation. Due to the plugin being light, the installation will take no more than a few seconds. After installation click “Activate”. A nice tooltip will immediately alert you of the new menu item under the root Tools menu and provide an easy shortcut to access Security Ninja quickly.
Running Your First Site Scan
Just click on the “Analyze Site” button in Security Ninja’s screen and all 50+ tests will run. It won’t take more than a minute, and a color-coded report will be displayed explaining which tests passed and which failed. Each test comes with a detailed explanation providing insights into why it is important, how it affects the site and how you can fix it.
Thanks to provided code snippets, instructions are easy to follow even for complete beginners. If you don’t like to mess with code snippets, you can opt for the paid PRO version which comes with the Auto Fixer module. More on that later.
More Protection from the pro Version – the Core Scanner Module
The PRO version offers more protection as it comes packed with five additional modules: Core Scanner, Malware Scanner, Scheduled Scanner, Auto Fixer, and Events Logger. All modules follow the same simplistic principle as the basic, free one – click one button, and that’s it.
To use the Core Scanner module, just click the ‘Scan Core Files’ button. Every single WordPress core file will be compared to the master, secure version stored on wordpress.org servers. If even one character is modified in the file, Core Scanner will detect that. Modified and missing files are clearly marked. You can view their source to see what kind of changes have been made and quickly restore them to their original state.
If your site has been hacked verifying the integrity of core files is crucial, and Core Scanner does a great job by making sure none of the files are compromised.
Checking Theme and Plugin Files with the Malware Scanner
Malware Scanner is another PRO module. It keeps an eye on theme and plugins files by scanning them in search of suspicious code. Not all code that shows up in the results as “suspicious” is malicious; however, it’s more than a good indicator that further inspection is needed.
If the code looks OK, you can choose to whitelist the file, so it no longer appears in the scan results. In case the file is infected you can delete it from the GUI. Although the scan can take a while if you have dozens of plugins the provided progress meter shows exactly what’s getting scanned, so you know the scanner is not stuck.
Events Logger – a Ruthless Records Keeper
The Events Logger keeps track of all events on your WordPress website. From log in and log out events, to details about who edited a page and when to who modified a particular WordPress option – Logger knows and remembers everything! If you ever had a client say “I didn’t do that” you simply need Logger. Full or partial reports can be emailed to the admin at configured intervals. Logger also knows what browser the user has and his physical address based on IP, so it’s easy to track accounts used by multiple people.
As we’ve already mentioned, all tests come with detailed explanations and code snippets that help fix issues. If you’re a complete beginner or just don’t want to mess with code PRO offers Auto Fixer. Just click “Apply Fix” on a failed test, and within seconds your site will be more secure and the issue fixed. It’s convenient and fast.
A User-Friendly Experience
Security Ninja has been around for more than five years and continuously gets updated. Not many plugins have such a track record. The free version and its 50+ tests offer an excellent value and provide a valuable insight into site’s security. It should be a plugin you install on every site. PRO adds immense value to that with its five modules that offer a complete security solution.
Check out the video how to secure your website with Security Ninja.
Getting hacked recently became more of a “when” than an “if” question but with Security Ninja, you’ll make your site much more secure and a be a much less interesting target to bad guys.
Gordan specializes in creating WordPress plugins and loves doing it. When he’s not busy working on new plugins you can find him over on WP Loop writing about all thing related to WordPress.
Peter is the founder of WP Pluginsify. He is a big fan of WordPress and loves to write about WordPress. You find him here at WP Pluginsify all the time! Cheers!