The easiest, most effective way to secure WordPress in seconds.
They provide absolutely no support unless you pay for it. The forums are littered with cases of issues caused by the plugins going from complete site instability, to needing to restore everything, to cutting off access to everything and orphaning content/breaking links. The developers clearly don't care about the image of their software and content with self assigned titles of being the best and having enough fanboys giving them high rating probably without real idea of what's going on or any in depth evaluation of all aspects of changes and function by the plugin. It is just not worth the hassle, take some measures on your own to secure your site and skip the aggravation.
Installing this plugin was one of the things I most regret ever having done.
After setting up a few simple steps (according to the plugin's panel recommendations) my site simply crashed, and there was no way I could fix it - I'm actually trying up to now!
And when I say crash, it's not like it had an error. No. It was actually DOWN. Nothing loaded, it was a blank page. Same for the admin. Everything was gone, and I am trying to fix things at the FTP, still with no luck.
I do not recommend this plugin AT ALL.
This is a dangerous plugin that caused my site to crash. My host suggested a restore which only fixed some of the files; other files required viewing individually and restoring. Had to go back 30 days but finally have my site back. No a good plugin.
It locks YOU out more than anything else. I want the old version. It messed with all my authors names. So frustrating
The "Forbidden error" is due to this plugin causing a conflict with the server. As a result your home/work network IP will be blocked. I checked to make sure it wasn't my service providers IP. I had a hard time changing the IP on my network router so I just changed the router and that worked. Even though I whitelisted my IP in settings, I was still locked out. I have no idea what caused it. This plugin is faulty.
This is a first.
It's rare I feel inclined to rate a plugin or theme. They have to be really excellent for me to stop and take the time.
I did just that with Better WordPress Security and gave it a 5! I even donated to the plugin developer, which is even more rare for me!
However, with the recent changes (IThemes acquisition of BWPS) I believe this plugin has taken a turn for the worse.
I am therefore downgrading my 5 star rating to 1.
Here is why.
Currently I have about 10 sites using Better WP Security. As I update each one to IThemes, I am confronted with issue after issue. This frustration is causing hours of troubleshooting and ultimately wasted time.
As surprising as it is, IThemes as decided to charge money for support, leaving the Support forums high and dry. Several users are creating posts expressing issues with the update and not getting a peep out of IThemes. Not even a, "Sorry for the issue. We are working hard to fix it."
Conspiracy Theory Alert:
Is IThemes releasing a plugin with bugs, so people have to buy their support? This whole transition and chain of events just seems slimy and nothing but a sales pitch.
Chris Wiegman built the best security plugin by offering an excellent product and helping people use it. Since your 1 star ratings are on the rise, I suggest you implement the same ideology that made Chris successful.
Thank you for a great plugin! I know you are still working on BWPS (It'll always be BWPS to me) but are under the IThemes umbrella and working under their terms. Absolutely none of this is directed at you, so please accept my thankfulness to you and your work.
Back to repairing my broken site... I'll be upgrading to 3.6.6 from 4.0.12.
This review (don't know the date) was originally marked 5 stars and downgraded to 1 on 4-3-14
Disaster Disaster Disaster....
This plugin have crashed 2 of my website and it consumes too many server resources which the Hosting cuts me off for may hours in the last day.
To look for what does cause the problem I disabled all plugins, yours was the last one because I had great confidence that he was not guilty of all my problem.
You can imagine my surprise and disappointment when I discovered that the problem was your plugin.
We installed this a couple months ago on 35 sites. Randomly, sites would crash and we'd see that the .htaccess files were HUGE. Every site that I kept seeing at the top of the process list had a huge htaccess file with all kinds of URL rewriting rules and massive IP blocklists. I guess they have just been getting bigger and bigger, and it seemed the plugin wasn't even creating them correctly as hundreds of lines were being duplicated over and over.
This caused thousands of php processes to run and soon, the server was crashing almost hourly. We finally figured this out. I did send a message to the developer that the .htaccess files were not right.
If you are a host and your sites are crashing and your server, too... this could be why. Just wanted to put this up in case this happens to you. Haven't seen any issues with Wordfence so far.
I have been using this plugin for every customer. The move to iThemes has been a disaster to my reputation and my customers web sites. The UI is more cumbersome. And presenting a high priority item like "Your site is not performing any scheduled database backups." to my customers requires me to remind them a different backup system is being used. And no way to remove an untrue statement. Same with 24x7 access. I buy and support premium plugins but any plugin that creates a lot of questions with my customers and worse yet impacts the admin functions in a negative way has me deleting that plugin. I believe in redemption though I am not sure what iThemes can do to make this right.
I have used Better WP on multiple sites for over a year now. I have had success and I do like the way it can harden my sites. However, with this said, the documentation for recovering from site breakage is either non-existent or extremely difficult to come by in terms of effective recovery. Specifically, when you run into problems after hiding the back-end.
The paragraph at the bottom of the WordPress.org Better WP Security page states "Warning
Please read the installation instructions and FAQ before installing this plugin. It makes some significant changes to your database and other site files which, without a proper backup, can cause problems if something goes wrong. While problems are rare, most (not all) support requests I get for this plugin involve the users failure to make a proper backup before installing."
Read the last sentence. "most (not all) support requests I get for this plugin involve the users failure to make a proper backup before installing."
This statement CLEARLY lays the blame for most broken sites at the feet of the user because why? Because they didn't backup their site?? That's the most ridiculous deflection of responsibility I've ever heard! If the plugin wasn't so high risk and unstable there would be little to no need to perform a restore in the first place.
Once again, I do like the plugin in certain situations. And I respect the fact Better WP can not be solely responsible for compatibility issues with every theme out their. But even if you follow the instructions to the letter SERIOUS problems can and do occur. When they do it would be nice and professional for that matter, to have prompt, reliable support for issues that are well documented in the support forum.
My advice for Better WP? Do a more effective job of providing useful support and timely bug fixes and quit blaming "most" problems on the user's failure to back-up their site. Who wants to restore their site every time your product breaks their site any way? I sure a h*** don't.
My two cents.
You must log in to submit a review. You can also log in or register using the form near the top of this page.