A while back, I started using WPMUDEV’s Defender Pro plugin for security on all my WordPress sites. I made a decision this week to switch to WordFence. The conversation was forced on me, because I had a site using Defender Pro that was hacked. I do not blame Defender Pro for the hack, however, this hacking incident caused me to re-think my WordPress security strategy a bit.
Almost all of my sites utilize a server-based Web Application Firewall – the site that was hacked does not, as it’s on a different infrastructure from the others. Put simply: WordFence has a Web Application Firewall (WAF) built into the plugin, whereas Defender Pro does not. I don’t know for a fact that the WordFence WAF would have protected me in this case, but it’s very possible it would have saved the day.
For the record, Defender Pro does a fine job of scanning your site for hacked files – in fact, their scans are very comparable to WordFence’s scans. But Defender Pro does not proactively protect your site from malicious folks in real time. Since this most-recent hack, I even upgraded all my sites that do not have a WAF to the WordFence paid tier, which provides some additional real-time checks to keep the bad guys out of the site.
More posts from themightymo.com
How to fix the “Warning: Class ‘Automattic\WooCommerce\StoreApi\Routes” issue in WordPress + WooCommerce
Today when I visited a customer’s website, I saw an error similar to this: etc. After trying all sorts of troubleshooting, the solution ended up being simple. Download a fresh copy of WooCommerce from WordPress.org and FTP it up to the server, replacing the existing WooCommerce files. Problem solved. Isn’t that nice? Many thanks to…
Here’s a bit of plain CSS that’ll create rainbow text on your WordPress site or anywhere, really.
I ran into a rather serious issue recently: a human on my team (me) intentionally (but accidentally) deleted an Amazon S3 bucket that was serving files to a WordPress site. The solution to the problem follows: Cry when you realize you cannot restore a deleted S3 bucket. Search your computer, your co-workers’ computers, your former…