Top WordPress Security Plugins To Check Hacked WordPress blog

WordPress is a php & database based blogging platform and is always targeted by hackers. There are many WordPress plugins are there which are very useful to prevent WordPress hacking. Here I have created a list of  Top WordPress Security Plugins which will help you to protect your blog from hackers.

WordPress Security Plugins

We have already informed how hacked WordPress themes harm your blog and why you should not download free premium WordPress themes. Anyways, many bloggers still fall for such trap and download WordPress premium stuff from unreliable sources. In most of the cases, you will not even realize that your blog is hacked and hacker will be passing link juice to spam site or using it for other unethical uses. Anyways, we will keep this discussion for some other time and for now, we will look into some of the top WordPress security plugins.

When ever we talk about hardening WordPress security, we suggest some basic security tips like use WordPress backup plugins, implement recaptcha test , secure WordPress directory browsing. At times, it’s impossible to do all these tasks at once. These mentioned security plugins for WordPress will be helping you by taking care of all basic and advanced WordPress security measures.


It’s not necessary to keep all these WordPress plugins active all the time but it’s a good security practice to run these plugins once in a while, to make sure your WordPress blog is not hacked or contains any malicious code.

List of Top WordPress Security Plugins

If you are planning to use any of these plugin to detect hacked portion of your blog, I suggest you to do following things before using any of these plugin:

  • Update your WordPress blog to latest version.
  • Update all themes and plugins to latest version.
  • Delete any plugins and themes you are not using
  • Login to your WordPress blog via FTP and check for files which are modified recently. Most of the time this is the easiest way to find recently modified files. You can also use 2nd WordPress security plugin from the list to find recently modified WordPress file.

Anti-malware and Brute-Force Security by ELI:

This is the first WordPress security plugin which I would recommend you to install and use it to find hacked files. I have tried many plugins, but this plugin helped me 2 times to find the hacked files and quickly fixed my hacked WordPress blog. This plugin scans your hacked blog against multiple known threats and will show you affected file. Below is a screenshot from one of my blog which was hacked around Christmas of 2014 and I found all the hacked files (It was because of the theme).

WordPress hacked plugin

Once you activate and run the scan using this plugin, it will take some time to scan your Website. In my case for a small website (less than 50 posts) took about 15 minutes. You can download the plugin from here.

WordPress Antivirus

This is one of the best WordPress security plugins, which scans WordPress theme for WordPress permalink backdoor malware. Besides this plugin scans all theme files for malware injections and vulnerability. This plugin scans files daily and can notify via email. <link>

Acunetix WP Security

Acunetix WP Security

It is an excellent  security analyzer plugin for WordPress. It offers multiple features to check your WordPress blog for any modified files in the specified range and you can also enhance the security of your WordPress blog by hiding WordPress informations.  You can also change WordPress file permission with this plugin. It also tells about invalid login attempts. You can also change the default WordPress database prefix using this plugin with one click.  <link>

Exploit Scanner

It is a very good plugin. It scans wordpress files and database and highlights all code which may be suspicious. It shows all suspicious encrypted codes such as base64 decode and hidden code by css. This plugin is very useful for an expert. <link>


TAC means theme authenticity checker. It mainly scans WordPress theme for any encrypted link  i.e. a link which is not visible in theme file but appears when blog is loaded. <Link>

If you know any other useful security plugin for WordPress blog which deserves to be in this list of top WordPress security plugins, than do let us know via comment. Also, what other method do you use to prevent your WordPress blog from hacking?

Subscribe on Youtube


COMMENTs ( 15 )

  1. says

    Shariq, I have used TAC and it was a life saver. It detected encrypted code in a free theme I had built my blog around.I use it for every theme I use.

  2. Marry Smith says

    I am going to make a blog on wordpress. I need a antivirus plugin for that after reading this relevant article my query resolved easily. I can easily update this tool for my wordpress blog.
    Can you tell me is there any other hacker tool also available in wordpress theme due to which i can easily track the visitor.

    Please tell me as soon as possible.

  3. melanie says

    I am really interested in the anti virus plugin, but is it really ok to install it without slowing down my website?
    thanks for the advise!

  4. Deon Fialkov says

    Thanks for your post…quite a read.

    I installed antivirus plugin for wordpress. It detected a virus and kicked me out of wordpress.
    I can’t now log in to my site.

    Anyone know what I can do?

  5. CypherHackz says

    Thanks for sharing bro. This is the first time I heard about WordPress Antivirus. Can’t imagine a CMS can have its own antivirus script to check for malware and malicious codes.

  6. Shiva says

    It is really important to have a highly secured blog because nowadays a lot of hackers are on a prowl. The plugins you have mentioned will help a lot to make our blogs secure. Thanks a lot dude

  7. kbharath says

    Thanks for sharing these security tools for wordpress mate. i havent used any of the tools till now, i am going to try these tools today.

  8. Shekhar Saxena says

    Bro.. I am really really thankful to you… I had many small snippets on my theme-functions.php file and guess what.. i had never checked that.

    Thanks a lot for telling us such a wonderful plugin.
    Thanks :)

  9. Roy Scribner says

    That is a good list, Shariq – I have used a file monitor and the Bad Behavior plugin before, but not any of those.

  10. Bilal Ahmad says

    WordPress Anti Virus is not the good one. It consume memory and also effect blog loading time. I have tried it for 7 days on one of my blog and then delete it.

  11. FAQPAL says

    We use “Exploit Scanner” and “WordPress Firewall” neither of which seemed to have slowed our blo’s performance.

    Good list guys.