Updates on WordPress security, Wordfence and what we're cooking in the lab today.

Category Archive: Wordfence

Wordfence Blog

Wordfence Site Cleaning Guarantee Extended to 1 Year

This entry was posted in Wordfence, WordPress Security on November 19, 2020 by Kathy Zant   0 Replies

Today, we’re pleased to announce that all customers of Wordfence site cleaning services receive an 1-year clean site guarantee. If your site is compromised again after our team has cleaned and secured your WordPress site, we’ll clean it again for free. Additionally, we’re expanding our Security Services Team coverage to 24/7 effective immediately. The Wordfence …
Read More

Introducing Wordfence Central Teams

This entry was posted in Wordfence on October 27, 2020 by Matt Barry   5 Replies

Last year, we introduced Wordfence Central and today thousands of WordPress site owners are using this free tool to manage their WordPress sites. Whether you’re using Wordfence Premium or still on the free plugin, Wordfence Central makes it possible for you to manage your sites’ security settings, tune your security alerts, and quickly assess security …
Read More

Common Ways Attackers Are Stealing Credentials

This entry was posted in General Security, Wordfence, WordPress Security on October 02, 2020 by Chloe Chamberland   2 Replies

A few weeks ago, we reviewed some of the worst website hacks we’ve ever seen. Every one of them started with poor password choices and escalated into a disastrous event for the site owner. Strong passwords and good password hygiene are often the first line of defense. On September 29, 2020, the Wordfence Live team …
Read More

The Hacker Motive: What Attackers Are Doing with Your Hacked Site

This entry was posted in General Security, Wordfence, WordPress Security on September 16, 2020 by Chloe Chamberland   6 Replies

Yesterday, September 15, 2020, the Wordfence Live team covered The Hacker Motive: What Attackers Are Doing with Your Hacked Site. This companion blog post reviews the motives we discussed live during Wordfence Live and dives deeper into the minds of attackers. You can watch the video of Wordfence Live below. Timestamps You can click on …
Read More

10 WordPress Security Mistakes You Might Be Making

This entry was posted in General Security, Wordfence, WordPress Security on August 19, 2020 by Chloe Chamberland   15 Replies

Yesterday, August 18, 2020, the Wordfence Live team covered 10 WordPress Security Mistakes You Might be Making. This companion blog post reviews the recommendations we provided to avoid these mistakes and better secure your WordPress environment. You can watch the video of Wordfence Live below. Timestamps You can click on these timestamps to jump around …
Read More

Malware Detection: Measuring Recall to Catch Them All

This entry was posted in General Security, Wordfence, WordPress Security on June 24, 2020 by Ram Gall   2 Replies

At Wordfence, we take performance seriously on all levels. While speed is one way to measure performance, there are other metrics that are equally important. Over the past year, our Threat Intelligence team has improved our malware scan by leaps and bounds. We wanted to share some of the metrics we use and what they …
Read More

Defiant Participating in Privacy Shield Framework

This entry was posted in Wordfence on June 22, 2020 by Kathy Zant   0 Replies

Defiant, dba Wordfence, is now listed on the Privacy Shield certification list participating in both the EU-U.S. and Swiss-U.S. Privacy Shield frameworks. The purpose of these frameworks is to allow for the lawful transfer of personal data from the European Union and Switzerland to the United States. Two years ago when the General Data Protection …
Read More

Vulnerabilities Patched in Page Builder by SiteOrigin Affects Over 1 Million Sites

This entry was posted in Vulnerabilities, Wordfence, WordPress Security on May 11, 2020 by Chloe Chamberland   5 Replies

On Monday, May 4, 2020, the Wordfence Threat Intelligence team discovered two vulnerabilities present in Page Builder by SiteOrigin, a WordPress plugin actively installed on over 1,000,000 sites. Both of these flaws allow attackers to forge requests on behalf of a site administrator and execute malicious code in the administrator’s browser. The attacker needs to …
Read More

Wordfence Helping Our Friends in Australia Fight Bush Fires

This entry was posted in Wordfence on April 20, 2020 by Kathy Zant   0 Replies

Last fall as wildfires ravaged much of Australia, we were deeply affected by the stories of destruction coming out of numerous communities. As a global company with customers and friends in the region affected by these events, we looked for opportunities to help, much like we did with the WordCamp Asia Cancellation Fee Assistance program. …
Read More

Vulnerability Patched in Import Export WordPress Users

This entry was posted in Vulnerabilities, Wordfence on March 11, 2020 by Chloe Chamberland   0 Replies

On February 26th, our Threat Intelligence team discovered a vulnerability in Import Export WordPress Users, a WordPress plugin installed on over 30,000 sites. The flaw allowed anybody with subscriber-level access or above to import new users via a CSV file, including administrative-level users. We reached out to the plugin’s developer on February 26th, who responded …
Read More

Follow Us

      


Protect your websites with the #1 WordPress Security Plugin

Get Premium
Over 150 million downloads

Wordfence Newsletter

Get WordPress Security Alerts and Product Updates