A while back, I started using WPMUDEV’s Defender Pro plugin for security on all my WordPress sites. I made a decision this week to switch to WordFence. The conversation was forced on me, because I had a site using Defender Pro that was hacked. I do not blame Defender Pro for the hack, however, this hacking incident caused me to re-think my WordPress security strategy a bit.
Almost all of my sites utilize a server-based Web Application Firewall – the site that was hacked does not, as it’s on a different infrastructure from the others. Put simply: WordFence has a Web Application Firewall (WAF) built into the plugin, whereas Defender Pro does not. I don’t know for a fact that the WordFence WAF would have protected me in this case, but it’s very possible it would have saved the day.
For the record, Defender Pro does a fine job of scanning your site for hacked files – in fact, their scans are very comparable to WordFence’s scans. But Defender Pro does not proactively protect your site from malicious folks in real time. Since this most-recent hack, I even upgraded all my sites that do not have a WAF to the WordFence paid tier, which provides some additional real-time checks to keep the bad guys out of the site.
More posts from themightymo.com
How to optimize your Google Crawl Budget using SEM Rush Log File Analyzer and Rank Math SEO
Today I ran the SEM Rush Log File Analyzer tool, and it showed some interesting things that are a complete waste of our Google Crawl Budget. Specifically, I learned that Google is wasting some of our crawl budget on the /wp-includes/ directory, certain plugin directories, and cache directories. I also noticed random files being crawled…
Where is the Google Analytics Measurement ID?
In the vast, evolving world of web development and analytics, keeping up with terminologies and tools can sometimes feel like trying to chase a mischievous cat in a maze. You think you’ve got a grip, only for it to slip right through your fingers! Enter the mysterious “Measurement ID” from Google Analytics 4 (GA4), a…
How to Convert .aiff to .mp3 files via Command Line
Yesterday I ran into an issue where I needed to convert .aiff files to .mp3. DBPowerAmp was recommended to me as a paid GUI tool. But I wanted something more lightweight, since this is a task I rarely need to do (most of the time, I’m already in Logic Pro, and exporting is simple there).…