Wordfence 6 Updates: Keeping the Bad Guys at Bay

Security is ever changing. Hackers, exploiters, and script kiddies never really sleep. They keep poking, and prodding, and testing, always trying to find a way to do what they want to do. Sometimes they want to use a website to host malware. Sometimes they want to use a website to send spam. Sometimes they just want to change your homepage to say “YOU GOT HAXORED!!!”

Regardless of why they do it or how they do it, the end result is the same.   It’s a pain in the neck to you. And because the bad guys never stop looking, here at Wordfence, we never stop. We keep improving our plugin and adding signatures for new threats as they arise. Security is what we do, and we do it well.

It was just about three weeks ago that we released version 6.0.1 and it sure was a watershed moment for Wordfence. We released a brand new version, we passed 6 million downloads, and  began more robust support for IPv6. Since that time, we’ve released 5 more times, each time making the plugin better than before. We thought it might be a great time to recap and talk about some of the important changes that have been made over the past 3 weeks.

* We began officially supporting IPv6. This included whois lookups, IP range blocking, IPv6 city lookups on our live traffic page, country blocking, and all of our other security functions. This wasn’t a small change either. It required examining almost every bit of code we had written, modifying some, removing some, and writing some from scratch.
* We addressed websites’ server performance issues by adding focus/blur events to the scan activity area.
* We introduced option table scanning based on some very nasty code we found out in the wild. This code generated spam urls in the database, visible to Google but hidden from the public and on the posts page. The user was only alerted after Google flagged him as being hacked. After finding that, we discovered several other similar cases and acted quickly to add the scans. This work also included merging the new vulnerability scans with the existing option table scanning, resulting in better detection and performance overall.
* We improved detection for Googlebot to make absolutely sure your site continues to get crawled while the bad guys are kept out.

These are just some of the things we did. Overall, we made around 38 changes and updates, added multiple samples to our scan engine every day, supported 800.000 active Premium and free users, and more.

So, what are we trying to say in this post?  Are we just tooting our own horn?   Are we taking a second to brag about how great we are?   No.  We want to remind you, our customers, that we value the trust you put in us and we just wanted to let you know that however hard the hackers work, we’ll work harder.   That’s what we do at Wordfence.  We work hard so that you can rest easier.

Did you enjoy this post? Share it!

Comments

41 Comments
  • Just wanted to take a moment to thank you guys for a well built security plugin. It is lightning fast and it helped me get rid of all the malware doorways that were injected into one of my sites. When I took over, the site was a mess. Also, it was hurting the rankings on Google. The site has begun to climb back up again and I have you and your plugin to thank for helping me find the nasties.

  • Thank you, Tim, and all of you guys at Wordfence. You're doing a great job at protecting our websites.

  • Wish I'd had this plug-in a few months ago, would have made a big difference !
    Now that it's protecting our site, I see how many b******s trying to get in to mess things up !!
    Thanks guys for a terrific, free, defense line (thinking about getting a Premium version for the future)

    grtz John

    • Yeah, it amazes me too to see how many try to login to use admin login [of course we change it and never use 'admin' username] or get locked out. Wordfence is awesome!

  • Nice job, really appreciate your efforts. We use your product to limit security risks among our managed wordpress hosting clients. Thank you for working harder and aspiring to be the security product of choice for so many wordpress websites.

  • A thousand thank you's for all you do, Wordfence! Happy to know about all the upgrades.

  • Thank strive every day and offer security for our sites. Very grateful to all your gear

  • Nice job. Thanks!

  • Wordfence saved one of my clients from disaster. It's a class act, and I wouldn't even think of putting a site out there without it. Thanks for your outstanding work.

  • Right now I only got the free version, it is working great,
    as soon I'm in some money I will get the Premium Version
    Alexander

  • I'll ditto all the above. THANK YOU!

  • Thanks for your sterling work fellas.

    I have been saved several times by your plugin on my 30 or so wordpress sites. I have a premium license (which I heartily recommend, for increased peace of mind) for my most frequently hit site, but get by with the free version on others.

    There are a few things that I get from NinjaFirewall that are sometimes useful in tandem with Wordfence, as it intercepts the incoming request before the code is run, they work well together.

    Well done and thanks again!

  • This is the plugin I have wanted for years now.

    I have taken many steps to sure up our sites and Wordfence has most all of the tools in one place. 5 stars!

    Thank you, Alan

  • Two years ago, I started my own website, everyone I asked told me just one word "WORDFENCE" - it is all they said regarding website security. Now two years later, I understand why, and would do the same if anyone asks me - just say WORDFENCE.

    Thank you guys for protecting my site, and giving a lot of people a peace of mind.

    Thank you

  • great job guys

  • I really thank for this team make me feel safer everytime I'd go to sleep. Now I always use this plugin to all my site.

    And the falcon engine...INCREDIBLE!!!

  • Thank you so much for all you do. I'm only able to use the free version right now, but as soon as business gets better, I will pay. Thanks so much for keeping us safe!

  • Thanks Tim and all the team at Wordfence. Having recovered ( well almost) from having some of my websites hacked I'm on a personal mission to tell everyone I know offline, and online through my blog about security issues and how they can defend against attack. Prevention is so much better than cure.

    Thanks again for your great product and all your efforts.

  • We love your awesome plugin! Thank you so much for it and for your great work improving it all the time!
    We had terrible brute force attacks on our server and many sites were hacked, cpanels compromized, spam sent out and files installed on our sites. After that we installed WordFence and no longer troubles since we did this in Dec 2014! We also use a great plugin to manage auto updating WP core (minor versions) + plugins + theme. It is Simple Firewall plugin and deals also with eliminating comment spam and form spam, logins etc. Very complimentary to your plugin and eliminates need to keep visiting each site to update it - a tip, in case your readers want an easier life!

    Greets,

    The wicked witch Gorgoretta [The Voice]

    • Also, thanks to your plugin's protection our overall server's performance improved greatly. We had endless downtime for a long time till we detected and cleared out all infections. Our uptime now is 99.99% no troubles anymore! Thank you!

  • Thank you guys for your job! The plugin is awesome!

  • Many thanks! You folks are awesome! :)

  • I have only been using this plugin for less than two weeks; I am amazed at how many times Wordfence has had to block people from trying to sign into my site. I sleep a lot better knowing this great program is on the job.

    Thanks so much for all you work, it is appreciated!

  • I would like to thank everyone at word fence for keeping my site safe and secure. I sure could never do it on my own. When people ask me how do I protect my site I simply reply Wordfence.

  • Thank you for always updating and taking care of us (whether free or premium). I use WordFence on all my clients' sites and many have bought premium version.

  • Love u guys so much

  • I blog for fun, so I use the free version of Wordfence, and I am thankful to have it. It is an amazing service that you guys are providing, and I hope you know how much it is appreciated. I can't imagine serious on-line businesses being without it - I think the paid version would be worth every penny. Thanks again, and take care!

    • I completely agree here...but the question is have you paid the whopping $3.20 a month or $37 bucks for the whole year for the paid version?

  • I honestly don't know why anyone would have a Wordpress site and NOT have Wordfence installed. It's amazing. I have sat by and watched as hackers try to gain access, but are immediately blocked by this fantastic plugin. The work you guys do is simply fantastic. Thank you.

  • Thank you so much for all you do to wordpress users. Good job!

  • Nice job guys.. :)

  • Love, love, love your plugin. I have the free version....a life saver. When my ship comes in I am paying. I pay forward by telling people with money to purchase it and they do. Thanks guys and gals........

    tunukwa

  • Fantastic work guys, it is really appreciated!

  • Great sense of security when using Wordfence and I do suggest it all to my clients as a mandatory tool for their WordPress installation. Keep up the good work and looking forward to any new features you introduce.

  • whois lookups looks particularly interesting.
    Many thanks
    Simon

  • thanks wordfence for being available for small businesses for free.

  • You guys do awesome things for us. Please, keep doing the good work for us.

  • Hi all,

    Just wanted to say thanks very much for the support and comments. We really appreciate it - the whole team has been visiting the blog and reading this.

    This was Tim's first post and he knocked it out of the park, so you'll definitely hear from him again.

    Regards,

    Mark.

  • Thanks for giving my company peace of mind. Love your amazing plugin!

  • Thanks Wordfence! I got hit 19 times in less than a week from all over the planet. None of them got in, but it was relentless for the past few days. I blocked every IP address, but they seem to just come back with a new address. I saved all of them though. Thanks for Regina who put me on to this plugin, and for the peace of mind I get from Wordfence.
    Sincerely, ShariLee

  • I can only say, Wordfence is the ONE indispensable plugin for any WordPress site, as it has saved my bacon more times than I can recall.