On Wednesday afternoon a small percentage of WPEngine websites using a paid version of Wordfence experienced a 500 Internal Server Error or white screen on their sites due to an erroneous firewall rule that we released. If you have experienced this issue, please check your email which contains instructions to fix the issue. You can …
Read More
Last August, at Black Hat 2022 in Las Vegas, we launched Wordfence Intelligence, a product designed to provide large enterprise customers with rich IP threat data, malware signatures, malware hashes, and vulnerability data to help keep enterprise customers and networks secure. Our mission at Wordfence is to secure the WordPress community, and to that end we …
Read More
On February 15, we made the exciting announcement that the latest release of Wordfence, version 7.9.0, includes a new feature: WooCommerce 2FA (two-factor authentication) for customer level users. What does this mean for you as an e-commerce store operator? And how can you start using this feature? Let’s dive in. Why Customer Level E-Commerce Users …
Read More
The Wordfence 2022 State of WordPress Security Report was released on January 24th, 2023. One area that we reviewed in this report were the vulnerabilities disclosed in 2022. Keeping in mind that some vulnerabilities affected multiple plugins, themes, and WordPress core, a total of 2,370 vulnerabilities were reported in 2022. The top five vulnerability categories …
Read More
Wordfence 7.9.0 has been released and it includes a very exciting feature for WooCommerce sites and other WordPress sites wanting to make two factor authentication (2fa) available to their site users or members. Wordfence 7.9.0 now lets you give your users the ability to configure 2fa on their profile pages. For WooCommerce websites, by enabling …
Read More
On January 19th, 2023, a member of the Wordfence Threat Intelligence team received an email from their personal blog, claiming the site had been hacked, and we received two reports from Wordfence users who received the same message. The email claimed that the site had been hacked due to a vulnerability on the site. The …
Read More
Winter brings a number of holidays in a short period of time, and many organizations shut down or run a skeleton crew for a week or more at the end of the year and beginning of the new year. This makes it easier for would-be attackers to find success as systems are not as closely …
Read More
Today we are incredibly excited to announce that Wordfence is launching an entirely free vulnerability database API and web interface, available for commercial use by hosting companies, security organizations, threat analysts, security researchers, and the WordPress user community. This is part of a larger project known as Wordfence Intelligence Community Edition, which we are launching …
Read More
The Wordfence Threat Intelligence team continually monitors trends in the attack data we collect. Occasionally an unusual trend will arise from this data, and we have spotted one such trend standing out over the Thanksgiving holiday in the U.S. and the first weekend in December. Attack attempts have spiked for vulnerabilities in two plugins. The …
Read More
Wordfence 7.8.0 is out! A huge thanks to our quality assurance team, our team of developers and our ops team for planning, implementing and releasing Wordfence 7.8.0. This release has several fixes to make Wordfence even more robust, and includes a fundamental change in the way our signup works. Since our launch in 2012, the …
Read More