Wordfence CLI 2.1.0

Wordfence CLI 2.1.0 Adds Email Capability and Unattended Configuration

Note: This post refers to Wordfence CLI, the command line tool for operations teams to rapidly scan large numbers of WordPress websites for vulnerabilities and malware, not the Wordfence plugin which is deeply integrated into WordPress and provides additional functionality, like a firewall, two-factor authentication and more.

We’ve just released Wordfence CLI 2.1.0 which includes two exciting new capabilities. Wordfence CLI can now email you a summary of scan results for both the malware scan and the vulnerability scan. These emails can be sent directly, or via an SMTP server. Now when Wordfence CLI detects malware or finds a vulnerable plugin or theme, CLI will notify you of the results. This is a feature we’ve been asked about quite a lot, so we’re happy to be able to share it with the world!

The second feature adds a non-interactive configuration option that allows Wordfence CLI to be deployed at scale, unattended, by operations teams using configuration management. We wanted to avoid forcing users to run CLI in interactive mode, because we understand that larger network administrators will be deploying CLI unattended and automatically using configuration management systems.

Get Emails From CLI

Wordfence CLI can be configured to send a summary of scan results for both the malware scan and the vulnerability scan to your email address. Here’s a basic example of the email functionality in action:

wordfence malware-scan --email example@example.com

The email will only be sent when the scan finds something, for instance, a file containing malware, or a WordPress plugin that has a vulnerability. Wordfence CLI can also be configured to use an external SMTP server. We recommend storing the SMTP credentials in the INI rather than supplying them as command-line parameters. View the full documentation on the new email functionality here.

Configure CLI Automatically

Additionally, we’ve added a non-interactive configuration that allows users to deploy and automatically configure Wordfence CLI without having to go through prompts to create the initial INI file. Here’s an example of it in action:

wordfence configure --request-license \
    --accept-terms \
    --workers 1 \
    --default \
    -o

This will automatically fetch a free CLI license and accept our terms of use, followed by creating an INI file with the supplied configuration information. This is useful when deploying CLI across multiple servers or environments where the configuration may differ between systems. For instance, we can configure the number of workers CLI uses dynamically based on the number of cores available on the system:

wordfence configure --request-license \
    --accept-terms \
    --workers `grep '^processor\s\+:' /proc/cpuinfo | wc -l` \
    --default \
    -o

This change also includes a new subcommand wordfence terms, which allows you to see the current terms of service for CLI. We’re excited to see our users deploying Wordfence CLI at scale!

Wordfence CLI 2.1.0 also fixes several bugs. See the full changelog here.

Did you enjoy this post? Share it!

Comments

1 Comment
  • Really happy you guys have done this. Begining the new year, I will test WF-CLI for sure.

    Do you perhaps have any 3rd party blogs, reviews etc.? Not "afraid" of testing it out - just happy to join some community created content.

    Once again, thank you for the work you´re doing for WP world!