Updates on CyberSecurity, WordPress and what we're cooking in the lab today.

Category Archive: Wordfence

20 Minutes to a Secure WordPress Website

This entry was posted in Wordfence, WordPress Security on April 25, 2017 by Mark Maunder   15 Replies

Securing WordPress has become easy thanks to the amazing work the WordPress team continuously do to fix vulnerabilities and improve the security of the platform. With the addition of Wordfence, it is possible to run a secure WordPress site and sleep well at night knowing your investment is safe....read more

Wordfence Site Cleaning Customer Reviews

This entry was posted in Wordfence, WordPress Security on April 18, 2017 by Mark Maunder   0 Replies

In June last year we officially launched the Wordfence site cleaning service. Our senior analysts Brad and Colette had worked hard to put the processes in place we needed to provide an excellent site cleaning service to our customers that was fast, effective and safe. Since then the site cleaning team and the level of service has evolved tremendously. Today I want to share some of that progress with you....read more

IP Blacklist Update: The Launch and Evolution of The Wordfence IP Blacklist

This entry was posted in Wordfence, WordPress Security on April 13, 2017 by Mark Maunder   9 Replies

One of our passion projects at Wordfence has been to find a way to create and run an IP blacklist. We have known for a long time which IPs are attacking the sites we protect and that if we can block those IPs outright, it would be a powerful way to improve the security we provide to our customers....read more

Thousands of Hacked Home Routers are Attacking WordPress Sites

This entry was posted in Research, Wordfence, WordPress Security on April 11, 2017 by Mark Maunder   64 Replies

Update: By popular request, we have created a tool that lets you check if your own home router is vulnerable to the problems discussed in this post. Visit this page to check if your home router has port 7547 open or if it's running a vulnerable version of RomPager....read more

1.4 Million Attacks in 24 Hours: 32% Blocked by the New Blacklist

This entry was posted in Research, Wordfence, WordPress Security on March 16, 2017 by Mark Maunder   24 Replies

Last Friday we quietly launched a new Premium feature in Wordfence: A real-time IP blacklist that completely blocks known malicious IPs from accessing your website. On Monday we did a second release with a few improvements. Then we announced the blacklist on Tuesday this week....read more

Remote Working: No Bad Hair Days at Wordfence

This entry was posted in Miscellaneous, Wordfence on February 23, 2017 by Mark Maunder   6 Replies

The core team at Wordfence is now 13 full-time employees, and with contractors we are a team of 29. We are still at that really fun size where you can have a full team meeting and everyone has a chance to have their say. Every day feels like a hacker conference where everyone knows everyone else, and we are here to help our customers be more secure....read more

A Big Thank You to our Premium Customers for Powering Wordfence and Helping Secure the Community

This entry was posted in Wordfence, WordPress Security on February 21, 2017 by Mark Maunder   41 Replies

At Wordfence we are intensely customer focused. A few years ago when we made our first non-founder hires, we hired two amazing people: Matt Barry and Tim Cantrell. Matt is a spectacular engineer and immediately took ownership of the Wordfence code base and eventually wrote the core of what is the Wordfence Firewall today. Matt is also amazing to work with - one of the smartest and nicest people you'll ever have the pleasure of meeting....read more

Wordfence In Depth: How Malware Becomes Scan Signatures

This entry was posted in Research, Wordfence on February 16, 2017 by Mark Maunder   7 Replies

One of the most effective ways the Wordfence team keeps the WordPress community and customers secure is through something we call the 'Threat Defense Feed'. This is a combination of people, software, business processes and data. It's an incredibly effective way to keep hackers out and provide our customers with early detection....read more

Rapid Growth in Defacements, Who was Hit, Who is Attacking

This entry was posted in General Security, Vulnerabilities, Wordfence, WordPress Security on February 10, 2017 by Mark Maunder   22 Replies

Yesterday we published numbers indicating how widespread the defacement campaign is targeting the REST-API vulnerability recently fixed in WordPress 4.7.2. If you have not updated to 4.7.2 already on all sites you operate, do so immediately. If you are using Wordfence Premium, you are already protected....read more

The January 2017 WordPress Attack Activity Report

This entry was posted in General Security, Monthly Attack Activity Report, Wordfence, WordPress Security on February 3, 2017 by Mark Maunder   23 Replies

Last month we introduced a monthly attack activity report. This report gives you an indication of attack trends during the past month and how they have changed. Today we are releasing the January WordPress attack activity report which covers the period from January 1st until January 31st....read more

Get the latest WordPress security updates and news

Sign up for WordPress security alerts, Wordfence product updates and security news via email.