Updates on CyberSecurity, WordPress and what we're cooking in the lab today.

Category Archive: Wordfence

New in Wordfence 6.3.11: Abandoned and Removed Plugin Alerts

This entry was posted in Wordfence, WordPress Security on June 20, 2017 by Dan Moen   22 Replies

On Thursday of last week, we released Wordfence 6.3.11 which included a really exciting new feature: we are now alerting you if you are running a plugin that either appears to be abandoned or has been removed from the WordPress.org plugin directory. In this post, we explain how each of these new alerts work and why they're so important to the security of your website....read more

Wordfence Launches WordPress Security Audit Service

This entry was posted in General Security, Wordfence, WordPress Security on May 23, 2017 by Mark Maunder   42 Replies

This morning I am very excited to announce that Wordfence is officially launching a WordPress Security Audit service. Many of our customers have asked us for a service like this and it has finally arrived....read more

22 Abandoned WordPress Plugins with Vulnerabilities

This entry was posted in Wordfence, WordPress Security on May 10, 2017 by Mark Maunder   41 Replies

As an interesting research project, Pan Vagenas, one of our researchers, took a closer look at abandoned plugins in the WordPress repository. His work was inspired by a recent post by Isabel Castillo where she lists the oldest abandoned plugins in the WordPress plugin repository....read more

The April 2017 WordPress Attack Report

This entry was posted in Monthly Attack Activity Report, Wordfence, WordPress Security on May 4, 2017 by Mark Maunder   17 Replies

Today we are releasing the WordPress Attack Report for April, 2017. You can also find these previous attack reports on our blog:...read more

Home Router Botnet Shut Down in Past 72 Hours. Who did it?

This entry was posted in Research, Wordfence, WordPress Security on May 2, 2017 by Mark Maunder   19 Replies

On April 11th, 3 weeks ago, we published a story discussing routers at a specific set of ISPs that have been hacked. These routers have been used to launch attacks on WordPress websites. The ISPs with compromised routers included Telecom Algeria, BSNL in India, PLDT in the Philippines and many more large ISPs around the world....read more

20 Minutes to a Secure WordPress Website

This entry was posted in Wordfence, WordPress Security on April 25, 2017 by Mark Maunder   33 Replies

Securing WordPress has become easy thanks to the amazing work the WordPress team continuously do to fix vulnerabilities and improve the security of the platform. With the addition of Wordfence, it is possible to run a secure WordPress site and sleep well at night knowing your investment is safe....read more

Wordfence Site Cleaning Customer Reviews

This entry was posted in Wordfence, WordPress Security on April 18, 2017 by Mark Maunder   0 Replies

In June last year we officially launched the Wordfence site cleaning service. Our senior analysts Brad and Colette had worked hard to put the processes in place we needed to provide an excellent site cleaning service to our customers that was fast, effective and safe. Since then the site cleaning team and the level of service has evolved tremendously. Today I want to share some of that progress with you....read more

IP Blacklist Update: The Launch and Evolution of The Wordfence IP Blacklist

This entry was posted in Wordfence, WordPress Security on April 13, 2017 by Mark Maunder   9 Replies

One of our passion projects at Wordfence has been to find a way to create and run an IP blacklist. We have known for a long time which IPs are attacking the sites we protect and that if we can block those IPs outright, it would be a powerful way to improve the security we provide to our customers....read more

Thousands of Hacked Home Routers are Attacking WordPress Sites

This entry was posted in Research, Wordfence, WordPress Security on April 11, 2017 by Mark Maunder   64 Replies

Update: By popular request, we have created a tool that lets you check if your own home router is vulnerable to the problems discussed in this post. Visit this page to check if your home router has port 7547 open or if it's running a vulnerable version of RomPager....read more

1.4 Million Attacks in 24 Hours: 32% Blocked by the New Blacklist

This entry was posted in Research, Wordfence, WordPress Security on March 16, 2017 by Mark Maunder   26 Replies

Last Friday we quietly launched a new Premium feature in Wordfence: A real-time IP blacklist that completely blocks known malicious IPs from accessing your website. On Monday we did a second release with a few improvements. Then we announced the blacklist on Tuesday this week....read more

Get the latest WordPress security updates and news

Sign up for WordPress security alerts, Wordfence product updates and security news via email.