Why I switched from WPMUDEV’s Defender Pro to WordFence for WordPress Security

A while back, I started using WPMUDEV’s Defender Pro plugin for security on all my WordPress sites. I made a decision this week to switch to WordFence. The conversation was forced on me, because I had a site using Defender Pro that was hacked. I do not blame Defender Pro for the hack, however, this hacking incident caused me to re-think my WordPress security strategy a bit.

Almost all of my sites utilize a server-based Web Application Firewall – the site that was hacked does not, as it’s on a different infrastructure from the others. Put simply: WordFence has a Web Application Firewall (WAF) built into the plugin, whereas Defender Pro does not. I don’t know for a fact that the WordFence WAF would have protected me in this case, but it’s very possible it would have saved the day.

For the record, Defender Pro does a fine job of scanning your site for hacked files – in fact, their scans are very comparable to WordFence’s scans. But Defender Pro does not proactively protect your site from malicious folks in real time. Since this most-recent hack, I even upgraded all my sites that do not have a WAF to the WordFence paid tier, which provides some additional real-time checks to keep the bad guys out of the site.

The Mighty Mo! Design Co.

RSS From Toby’s Blog

  • The Horrors of Covering Your Own Ass
    Today I emailed a very simple question to support@[companyname].com (2 sentences total). The automated response I got back was this: Keep in mind that the above was an auto-response and: It’s hard to read. Everything has the same import (e.g. none of it is important enough to call out separately). It’s long. It added absolutely-zero…
  • If something stupid makes money, then it’s not stupid.
    I’ve seen some stupid things in my life…And some of them were really really smart. I remember a story from decades ago where the U.S. military was looking to equip the Stealth Bomber with a fancy computer-driven video system so the pilots could see behind them. Well, the computers failed to get the job done,…
  • There is no destination.
    Coding is a process of failure followed by a moment of great joy. You've gotta ride through the failures to experience the joy...

More posts from themightymo.com

Website DNS, Domain Registration, & Hosting Basics

By Toby Cryns | November 30, 2021

Websites have multiple layers: Domain Registration When you register a domain, you pay someone ~$20/year for a .com domain. Registration means you are leasing the domain for a year or more. A domain is the “yoursite.com” or “yoururl.net” or “yourorganization.org” that people type into their browser. We use services like Namecheap, Dreamhost, and GoDaddy for…

Avada ThemeFusion loads 80+ javascript files on every page! DON’T RECOMMEND!

By The Mighty Mo! Design Co. | November 18, 2021

I inherited a WordPress site using Avada ThemeFusion, and it is experiencing really bad performance issues. After doing lots of my standard bag-of-tricks optimizations to little effect, I decided to simply count the javascript files. To my surprise horror, I found it was loading over 80 javascript files on every single page! (For comparison: themightymo.com…

Why I switched from WPMUDEV’s Defender Pro to WordFence for WordPress Security

By The Mighty Mo! Design Co. | November 12, 2021

A while back, I started using WPMUDEV’s Defender Pro plugin for security on all my WordPress sites. I made a decision this week to switch to WordFence. The conversation was forced on me, because I had a site using Defender Pro that was hacked. I do not blame Defender Pro for the hack, however, this…

RSS From Toby’s Blog

  • The Horrors of Covering Your Own Ass
    Today I emailed a very simple question to support@[companyname].com (2 sentences total). The automated response I got back was this: Keep in mind that the above was an auto-response and: It’s hard to read. Everything has the same import (e.g. none of it is important enough to call out separately). It’s long. It added absolutely-zero…
  • If something stupid makes money, then it’s not stupid.
    I’ve seen some stupid things in my life…And some of them were really really smart. I remember a story from decades ago where the U.S. military was looking to equip the Stealth Bomber with a fancy computer-driven video system so the pilots could see behind them. Well, the computers failed to get the job done,…
  • There is no destination.
    Coding is a process of failure followed by a moment of great joy. You've gotta ride through the failures to experience the joy...