From Innovator to Enterprise

Trust The Global Leaders in WordPress Security

View Our Products

A Comprehensive Security Solution For WordPress

Wordfence is a global team of WordPress security analysts, threat researchers, software engineers, and support staff. We are the leaders in our field, and we focus exclusively on securing WordPress websites, and on WordPress security research. We provide 24-hour service, 365 days a year for mission-critical websites, with a 1 hour response time via Wordfence Response. To learn more about our products, check out our Product Comparison Page.

Login Security

Wordfence leads the industry in login security controls, including brute force protection, XMLRPC protection, reCAPTCHA to block automated attacks, and IP access control.

Centralized Management

Centralized security events and template-based security configuration management, 100% free. Our customers constantly tell us that Wordfence Central is too good to be true. Even users of the free version of Wordfence get full access to Wordfence Central at no cost.

24/7 Incident Response Team

Wordfence Care and Response customers receive hands-on support to install, configure, and optimize Wordfence along with continuous security monitoring from our team. Wordfence Response customers get 24/7 support and monitoring with a 1-hour response time.

Two-Factor Authentication

Two-factor authentication or 2FA has become a standard requirement for any secure service. Wordfence provides robust 2FA for your admins and users using secure open standards.

Malware Scan

Wordfence maintains the largest WordPress-specific malware database in the world. Using this intelligence trove, we produce malware signatures to block intrusion attempts, detect malicious activity, and provide robust security for your WordPress site.

The Wordfence Firewall

The Wordfence Threat Intelligence Team continuously discovers new vulnerabilities in WordPress core, plugins, and themes. We immediately release new firewall rules that protect against these vulnerabilities, which are deployed in real-time to our paid customers providing the best available intrusion prevention for WordPress.

Get An Endpoint Firewall With Wordfence

It's All About The Data

Our unique data is what makes Wordfence so effective. Premium, Care, and Response customers receive real-time updates to protection and detection rules.

Total Attacks Blocked

13,072,965,528

Malicious IPs Blocklisted

60,289

Breaking Research & News From Our Blog

View All

Wordfence Launches Wordfence Intelligence for Hosts and Network Defenders

This morning the Wordfence team is launching Wordfence Intelligence live at Black Hat 2022 in Las Vegas. Our entire team is here in Las Vegas, including our international team members. I’d like to tell you more about what we’re launching and how Wordfence Intelligence will help us go even further to make the online community …
Read More

Ukrainian Website Threat Landscape Throughout 2022

Ukrainian Website Threat Landscape Throughout 2022

The Russian invasion of Ukraine began on February 20, 2022. By mid-March it was clear the cyber-war had begun, and the attacks have been consistent ever since. Prior to this, on March 1, 2022, Wordfence reported on an attack campaign on Ukrainian university websites. In response, we deployed our real-time threat intelligence to all sites …
Read More

Wordfence Intelligence Launching at Black Hat 2022 in Las Vegas Next Week

Wordfence protects over 4 million websites around the world on 12,000 unique networks, and we block over 1.8 billion attacks targeting those websites every month. For years we have had a relationship with our customers that is a virtuous cycle: We receive attack reports from our customers at a rate of over 700 reports per …
Read More

Cross-Site Request Forgery Vulnerability Patched in Ecwid Ecommerce Shopping Cart Plugin

On June 24, 2022, the Wordfence Threat Intelligence team initiated the responsible disclosure process for a Cross-Site Request Forgery vulnerability we discovered in Ecwid Ecommerce Shopping Cart, a WordPress plugin installed on over 30,000 sites. This vulnerability made it possible for attackers to modify some of the plugin’s more advanced settings via a forged request. …
Read More

High Severity Vulnerability Patched in Download Manager Plugin

On July 8, 2022 the Wordfence Threat Intelligence team initiated the responsible disclosure process for a vulnerability we discovered in “Download Manager,” a WordPress plugin that is installed on over 100,000 sites. This flaw makes it possible for an authenticated attacker to delete arbitrary files hosted on the server, provided they have access to create …
Read More

analyzing attack data and trends targeting Log4j

Analyzing Attack Data and Trends Targeting Log4J

The Log4j vulnerability, initially reported in November 2021, has affected millions of devices and applications around the world. It has the potential to allow a malicious actor to take full control of vulnerable devices. As a result of how Log4j controls the logging of strings and code, the vulnerability allows malicious actors to inject malicious …
Read More

The Official Wordfence Mailing List

Receive WordPress security news before publication.

  • Wordfence is the best!

    I’ve been using Wordfence for some time now on 6 of my sites. It works extremely well and provides me with the protection from intruders that I need. I’ve only had a couple of minor issues, mostly caused by my lack of experience, but the support at Wordfence has been great at helping me out of a jam. I highly recommend the plugin, and purchasing the upgrade to the pro version is worth every penny. The plugin is easy to install and setup is simple. And.. if your host is GoDaddy, it is one of their recommended plugin partners.

    lairbear

    @lairbear

  • Amazing, Must-have for WP Site security

    My small business WP Site got hacked (built, installed and maintained by me) and a cryptocurrency miner was hidden somewhere in my code.

    I spent a week trying to eliminate that code, and my Host also looked for it, without success, meanwhile I looked like a jerk trying to mine cryptocurrency from clients and potential clients!

    I tried several other WP security plugins, and web scan sites, but none could find or fix my problem.

    I downloaded and installed Wordfence, it found and repaired my problem in less than 5 minutes!

    I’ve since enabled many of its additional features and have been stunned to learn just how many attempts there are daily to log into my page! No wonder it got hacked. Some jerk even set up a new username for himself!

    Anyhow, I’ll never have any other WP page without Wordfence, and neither should you!

    Amazing plugin, very simple and very powerful.

    Cain57

    @cain57

  • Wordfence site-cleaning team saved my client big time

    I’ve have the Wordfence plugin (free version) on dozens of my personal and client sites for a few years. Easy to install and configure, it’s blocked many attacks and I’ve never had a site hacked that had it. On one client site, we didn’t use it, they got hacked and it was nasty, they sell tickets to their events and their payment system stopped taking payments (and gave some customers virus/malware).

    Not just one site, but the client’s entire hosting account was infected. I contacted Wordfence for a site cleaning and they got on it right away. In two days, the site was cleaned and taking payments again. Wordfence running on the sites after the cleaning reported a malware backdoor in my wptwin site-cloning script. I sent the report and the wptwin.php script to the security analyst who cleaned the site and within a few hours, he replied that indeed this was a false positive. That was great service and set me at ease that the client’s site had not become re-infected.

    imagiNed

    @imagined

  • Awesome

    Wordfence is my favourite WordPress plugin. Immediately installed on all my client’s sites. Saved my bacon numerous times.

    bluesix

    @bluesix

  • Fantastic Support – The Best Solution for a Hacked Website

    If you know the horror of having your website hacked, you know the mountain of stress that comes with it. Even worse is trying to find a solution to fix your hacked website for a reasonable price without being overly sold to. This is where WordFence comes in to save the day.

    They very quickly and thoroughly fixed my hacked website, keeping me updated with the status at all times. I also received a long report detailing what was hacked, how it was fixed, and instructions to secure my website from future hacks. In a matter of days, my site was unblacklisted by Google and I’m back in business!

    While I can’t yet speak to how well WordFence secures your website from hacks, I can say that they have been the best solution for fixing my hacked website. Based on that experience, I have no problem entrusting them with securing my website going forward.

    THANK YOU WORDFENCE! It was worth every penny.

    suzippy

    @suzippy

  • Excellent support and the best security plugin

    We have been using Wordfence (free version) for years on all our 100+ WordPress websites. We haven’t had any hacked websites since then. Just recently we purchased the premium license to increase the security of our websites even more. We had some questions regarding a multi WP install on the same domain in various subfolders and received timely and professional support within a day. Everything is setup properly now and we sleep quietly at night knowing that it’s all secured.

    ByteMotion

    @bytemotion

  • Awesome Plugin and Premium Support

    Wordfence Premium has provided excellent customer service. The plugin is easy to use, and the premium support is friendly and informative. Very happy with their service.

    docmolly

    @docmolly

  • Wordfence review

    Wordfence is a top-notch plugin, even the free version has tons on functions. I strongly recommend it for not only the newbie web-designer but also the experienced one as well. It is undoubtedly a great product.

    Steve F.

    sfekete111

  • Thank you very much for providing such a good plugin and service

    Having researched and trialed various security plugins Wordfence wins hands down each time. All our websites are running Wordfence Premium and this plugin has served us very well for several years and the support team are second to none. As a small business there are an array of tasks to take care of and it is a very small price to pay for Wordfence Premium to take care of an extremely important task and is worth every penny.

    A reliable security plugin is paramount but it goes without saying this must be backed up by a good technical support team who can assist you when there is a problem. The Wordfence technical support goes beyond the call of duty and their knowledge is very reassuring when things go awry with your website.

    Phil provided an excellent service giving us the confidence we are with the right people who really know what they are doing and can explain and assist in a very succinct, knowledgeable and helpful manner.

    Having numerous plugins running on a WordPress website can result in all manner of conflicts, never mind issues that maybe caused by the hosting services used which can be a nightmare to unravel without the right technical support at hand.

    Wordfence not only protects your website from being hacked but provides a wealth of advice and excellent technical support when needed. Thank you very much for providing such a good service.

    aristocats

    aristocats

  • Best Money I Spend!

    Wordfence is by far the best and most important plug-in I have installed on every site I maintain. The free version is good, but the premium version is worth every penny and more. In fact, I refuse to create or maintain a site without it.

    daisy2love

    daisy2love