Jetpack is a popular all-in-one plugin from Automattic, the same folks behind WordPress.com and WooCommerce.
Unlike all of the other plugins on this list, Jetpack is not focused on just WordPress security, but it does include plenty of security features across its free and paid plans.
The free version helps secure your WordPress login with brute force protection and the option to use secure WordPress.com sign-on. That is, you can log in to your own WordPress site using your WordPress.com credentials.
With the paid plans, you also get access to backups and malware scans (these features were previously called VaultPress. Now, VaultPress has merged with Jetpack).
The backup and scan features are tied together, which is part of what makes them unique. With most malware scan tools, the tool scans the files on your actual WordPress server. This is good for catching malware, but it also eats up resources on your live website’s server.
With Jetpack, Jetpack first backs up your site to an off-site location. Then, it scans the backup copy of your site for malware, which means it won’t affect the performance of your live website.
As part of its scans, Jetpack looks for:
- Changes to core WordPress files
- Web-based shells
- TimThumb vulnerabilities
If Jetpack does find something malicious, it can help you repair the issue.
Price: Some features are available in the free version. Malware scanning is available on the Premium plan and above, which starts at $9 per month. This also gets you access to lots of other Jetpack features.