Wordfence is the flagship product of Defiant Inc. Millions of WordPress site owners rely on Wordfence to protect their websites, their customer data and their investment. Install Wordfence today and lock down your WordPress site in minutes.

Defiant

Our Story

Wordfence is incorporated as Defiant, Inc., a Delaware company. We are a small team that is passionate about software engineering and delivering excellent customer service. Wordfence has been downloaded over 150 million times, and is consistently one of the top plugins for WordPress on WordPress.org. The Wordfence WordPress Security plugin protects over 3 million active WordPress websites.

Explore Defiant

Notable Research Coverage

Millions of WordPress sites hit in wide-ranging attack

TechRadar

Barclay Ballard

November 18, 2020

Ultimate Member Plugin for WordPress Allows Site Takeover

Threatpost

Tara Seals

November 9, 2020

WordPress plugin bugs can let attackers hijack up to 100K sites

Bleeping Computer

Sergiu Gatlan

November 9, 2020

WP Bakery WordPress Vulnerability Affects Millions of Sites

Search Engine Journal

Roger Montti

October 7, 2020

Post Grid WordPress Plugin Flaws Allow Site Takeovers

Threatpost

Tara Seals

October 5, 2020

General Business Inquiries

Do you have a press inquiry or want to ask about partnerships, a feature or idea or other general business inquiries?

Let's Talk

Check Out The Latest From Our Blog

PHP 8: What WordPress Users Need to Know

November 23, 2020

Ram Gall

PHP 8.0 is set to be released on November 26, 2020. As the programming language powering WordPress sites, PHP’s latest version offers new features that developers will find useful and improvements that promise to greatly enhance security and performance in the long run. It also fully removes a number of previously deprecated functions. PHP 8 …
Read More

Episode 96: Hosting Provider Failures and Incident Response Preparedness

November 20, 2020

Ram Gall

Two hosting providers experienced outages this week. GoDaddy had a brief outage affecting numerous systems on Tuesday, November 17. Managed.com had an extensive outage due to ransomware that affected all systems. We discuss what types of incident response preparations site owners should consider when events beyond their control occur. We also discuss a large-scale attack …
Read More

Wordfence Site Cleaning Guarantee Extended to 1 Year

November 19, 2020

Kathy Zant

Today, we’re pleased to announce that all customers of Wordfence site cleaning services receive an 1-year clean site guarantee. If your site is compromised again after our team has cleaned and secured your WordPress site, we’ll clean it again for free. Additionally, we’re expanding our Security Services Team coverage to 24/7 effective immediately. The Wordfence …
Read More

Large-Scale Attacks Target Epsilon Framework Themes

November 17, 2020

Ram Gall

On November 17, 2020, our Threat Intelligence team noticed a large-scale wave of attacks against recently reported Function Injection vulnerabilities in themes using the Epsilon Framework, which we estimate are installed on over 150,000 sites. So far today, we have seen a surge of more than 7.5 million attacks against more than 1.5 million sites …
Read More

Episode 95: Critical Privilege Escalation Vulnerabilities Affect Over 100K WordPress Sites

November 13, 2020

Kathy Zant

Three critical privilege escalation vulnerabilities in the Ultimate Member plugin put over 100,000 sites at risk. We also talk about the Page Experience metric to be added as a ranking signal for Google search in May 2021 and what this means for WordPress sites using page builders or Gutenberg. Microsoft warns against using telephone/SMS-based multi-factor …
Read More

Critical Privilege Escalation Vulnerabilities Affect 100K Sites Using Ultimate Member Plugin

November 09, 2020

Chloe Chamberland

On October 23, 2020, our Threat Intelligence team responsibly disclosed several vulnerabilities in Ultimate Member, a WordPress plugin installed on over 100,000 sites. These flaws made it possible for attackers to escalate their privileges to those of an administrator and take over a WordPress site. We initially reached out to the plugin’s developer on October …
Read More

View More Blog Posts