Wordfence and GDPR – General Data Protection Regulation

Defiant, the company behind Wordfence, has updated its terms of use, privacy policies and software, as well as made available standard contractual clauses to meet GDPR compliance. Customers must review and agree to updated terms in order to continue using our products and services.

Defiant, the company behind Wordfence, has updated its terms of use, privacy policies and software, as well as made available standard contractual clauses to meet GDPR compliance. Customers must review and agree to updated terms in order to continue using our products and services.

The General Data Protection Regulation (GDPR) is a set of rules that provide data subjects with more control over their personal data. GDPR defines a data subject as anyone within the borders of the EU at the time of processing their personal data. It includes regulations on how EU data can be exported outside of the EU. It is changing the way organizations approach data privacy and the handling of personal information.

Agreement to new Terms and Privacy Policies

To continue using Defiant products and services including the Wordfence plugin, all customers must review and agree to the updated terms and privacy policies. These changes reflect our commitment to follow data protection best practices and regulations.

Standard Contractual Clauses

Defiant provides Standard Contractual Clauses to help customers meet their data privacy and protection obligations that are part of the General Data Protection Regulation (GDPR). Standard Contractual Clauses establish the respective responsibilities between the Defiant customer (as the data controller) and Defiant itself (as the data processor). This is available to all Defiant customers that are processing personal data and operate in the European Economic Area (EEA) or are otherwise subject to the territorial scope of the GDPR. To learn more about privacy and data protection rules of the EEA, click here.

Cookies

Defiant provides a Cookie Policy that explains how we use Cookies to collect information about the way you use our Sites and Services, and how you can control them. Please see Defiant’s Privacy Policy which includes the Cookie Policy.

Cookies set by the Wordfence plugin

To help you understand which cookies the Wordfence plugin sets, when installed on your WordPress site, we have provided the guide below. Wordfence currently sets three cookies and we explain what each cookie does, who will have the cookie set, and why the cookie helps secure your site.

wfwaf-authcookie-(hash)

What it does: This cookie is used by the Wordfence firewall to perform a capability check of the current user before WordPress has been loaded.

Who gets this cookie: This is only set for users that are able to log into WordPress.

How this cookie helps: This cookie allows the Wordfence firewall to detect logged in users and allow them increased access. It also allows Wordfence to detect non-logged in users and restrict their access to secure areas. The cookie also lets the firewall know what level of access a visitor has to help the firewall make smart decisions about who to allow and who to block.

wf_loginalerted_(hash)

What it does: This cookie is used to notify the Wordfence admin when an administrator logs in from a new device.

Who gets this cookie: This is only set for users who log in, and only if the site administrator enabled “Only alert me when that administrator signs in from a new device” or the similar option for non-admin users.

How this cookie helps: This cookie helps site owners know whether there has been a user login from a new device.

wfCBLBypass

What it does: Wordfence offers a feature for a site visitor to bypass country blocking by accessing a hidden URL. This cookie helps track who should be allowed to bypass country blocking.

Who gets this cookie: When a hidden URL defined by the site admin is visited, this cookie is set to verify the user can access the site from a country restricted through country blocking. This will be set for anyone who knows the URL that allows bypass of standard country blocking. This cookie is not set for anyone who does not know the hidden URL to bypass country blocking.

How this cookie helps: This cookie gives site owners a way to allow certain users from blocked countries, even though their country has been blocked.