No WordPress webmaster would like to have his/her site hacked. Unfortunately, there are no easy ways to keep your website protected against all hack attacks. But you can make the process more difficult to keep inexperienced and lazy hackers at bay. Securing your login page is a good start. There are things you can do on your website to handle brute force attacks on your login page. Forcing people to make secure connections to your website is another way to handle that. In certain situations, you may not be able to implement SSL on your website. Semisecure Login Reimagined comes handy in those situations.
This plugin will encrypt your password on the wp-login.php
, wp-admin/profile.php
, wp-admin/user-edit.php
, and wp-admin/user-new.php
pages. Want to enable this capability on other pages? A guide is provided with this plugin to make implementing it easier.
There is a caveat though. This plugin only works when Javascript is enabled. At the same time, it can add an additional layer to reduce vulnerabilities on your login page. It is pretty useful when SSL is not available.