Akismet protects your blog’s commenting section from hyperlink spam and spammy anchor text URLs posted by users as well as spam bots. The plugin also protects your installation from TrackBack and Pingback spam (which is also known as sping).
iThemes Security (formerly known as Better WP Security) plugin allows you to secure your WordPress installation in more than 30 ways. Install the plugin for your blog and once the installation is successful, you will see following Secure your site now button at the top of your dashboard:
Wordfence is a powerful WordPress plugin which protects your website from Distributed Denial of Service (DDoS) attacks, malicious web crawlers and other types of attack techniques commonly used by hackers, script kiddies etc. The plugin can also scan your entire installation in real time for various types of existing as well as new vulnerabilities like Heartbleed etc.
Important note: If you are going to enable multiple CloudFlare security application for your domain, then keep in mind that they may interfere with one another or may conflict with the functionality of an existing security plugin of your installation. If your site is not working as expected, then you are required to disable the CloudFlare application which you have recently enabled or simply uninstall the plugin which is conflicting with CloudFlare. Keep in mind that if a plugin in your installation blacklists the IP addresses of any of the below mentioned applications, then you will have to whitelist them manually or contact your host.