Our great sponsors
-
ModSecurity
ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. With over 10,000 deployments world-wide, ModSecurity is the most widely deployed WAF in existence.
-
wpscan
WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via [email protected]
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
I would recommend mod security which can be installed as a module for most web services like nginx and apache (and is open source). You can use the OWASP ruleset with some additional wordpress specific rulesets.
There is a free wordpress security scanning service that you could leverage for regular security auditing of your site called WPScan that is fantastic on detecting and auditing common vulnerabilities to plugins and security exposures.