Updates on WordPress security, Wordfence and what we're cooking in the lab today.

Author Archive: Dan Moen

Wordfence Blog

Ask Wordfence: Why Is an Insignificant Site Like Mine Being Attacked?

This entry was posted in Ask Wordfence, WordPress Security on March 14, 2018 by Dan Moen   9 Replies

This question came in from Keith, a Premium Wordfence customer. We’ve dealt with this question a few times in different ways on the blog, but pulling it all together sounds like a great post. Let’s dive in! At a high level, an attacker views a vulnerable website as a juicy collection of resources that they …

Wordfence 7 Update

This entry was posted in Wordfence on February 16, 2018 by Dan Moen   29 Replies

It has now been a few weeks since we launched Wordfence 7. Overall we are confident that the change was a good one. The product is now cleaner, more modern and is much easier for a new user to navigate. It was, however, a big change, and with that came plenty of questions, feedback and …

Introducing Wordfence 7

This entry was posted in Wordfence on January 24, 2018 by Dan Moen   72 Replies

Wordfence is the most popular WordPress security software in the world for good reason. The protection offered by the endpoint firewall outperforms alternatives. The scanner delivers the best detection in the industry. A long list of other features like country blocking, two-factor authentication and password auditing make Wordfence the best and most comprehensive security solution …

WordPress Supply Chain Attacks: An Emerging Threat

This entry was posted in WordPress Security on January 03, 2018 by Dan Moen   22 Replies

In the last few months, we have discovered a number of supply chain attacks targeting WordPress plugins. In this post, we explain what a supply chain attack is, why WordPress is an attractive target for them, and what you can do to protect your site. What Is a Supply Chain Attack? In the software industry, …

Three Plugins Backdoored in Supply Chain Attack

This entry was posted in Research, WordPress Security on December 27, 2017 by Dan Moen   54 Replies

In the last two weeks, the WordPress.org repository has closed three plugins because they contained content-injection backdoors. “Closing” a plugin means that it is no longer available for download from the repository, and will not show up in WordPress.org search results. Each of them had been purchased in the previous six months as part of …

New Service Vulnerability Disclosure Policy

This entry was posted in Vulnerabilities, Wordfence, WordPress Security on December 13, 2017 by Dan Moen   49 Replies

The Wordfence team regularly discovers security issues with commercial services, such as WordPress hosting providers, that put their users at risk. In some cases, the issue is quite severe, putting thousands of websites at risk simultaneously. In these instances, our standard approach has been to contact the service provider directly, provide them with the details …

Ask Wordfence: Should I Permanently Block IPs That I See Wordfence Blocking?

This entry was posted in Ask Wordfence, WordPress Security on November 15, 2017 by Dan Moen   19 Replies

This is the fifth installment in a new series we started last month called Ask Wordfence. You can access previous posts here. Today’s question comes from Brooke in Harrisonburg: When I see IPs blocked by firewall, or blocked for trying to log in, is there a benefit to permanently blocking them, one by one, or is …

Ask Wordfence: How to Limit Security Risks From Plugins

This entry was posted in Ask Wordfence, WordPress Security on November 08, 2017 by Dan Moen   11 Replies

This is the fourth installment in a new series we started last month. You can access previous posts here. Today’s question comes from Michela in Pordenone, Italy: Plugins are necessary for enhanced functionality of each WP site but the more plugins we add the higher the risk to potential threats. How can we limit this risk …

The October 2017 WordPress Attack Report

This entry was posted in Monthly Attack Activity Report, WordPress Security on November 06, 2017 by Dan Moen   3 Replies

This month’s WordPress Attack Report is a continuation of a series we have been publishing since December 2016. Reports from the previous months can be found here. This report contains the top 25 attacking IPs for October 2017 and their details. It also includes charts of brute force and complex attack activity for the same …

12.8% of Sites Have Sensitive File Disclosure Vulnerabilities

This entry was posted in Vulnerabilities, WordPress Security on October 12, 2017 by Dan Moen   5 Replies

As you probably know we launched Gravityscan this May. Gravityscan is a security scanner for any website that serves as a great complement to Wordfence. Yesterday we were analyzing aggregate scan result data from Gravityscan, and we noticed data that surprised us: 12.8% of sites we scan have at least one sensitive file visible to …