Mark Maunder
Forum Replies Created
-
Wordfence 7.0.1 was a major user interface redesign which moved the focus onto security fundamentals. Our emphasis is now on securing your website and doing the things that are most important to prevent a hack. This includes giving you a quick and easy way to see what your security posture is and whether you have the blacklist, firewall and malware scan enabled and if you have any current issues.
Live traffic can be useful for some purposes e.g. seeing in real-time which bots are visiting your site. But it is not fundamental to security and in fact creates unnecessary work if you are trying to watch it and stop attacks manually. Wordfence actually does that work for you automatically now and you can disable live traffic and have a perfectly secure high performance site.
If you would like live traffic back on the menu on the left, we have provided an option to enable that. Just ask in the support forums. You can also enable an ‘expanded’ view in live traffic which will give you significantly more data by default.
If there are other areas you’re unhappy with, we’d love to hear about them and there may be a way to reenable a certain feature already built into Wordfence 7. Just ask in our forums. Our team is super responsive.
Regards,
Mark Maunder
Wordfence Founder/CEO.Thanks for your feedback. We’re aware of the need to bring back global options and the team is looking at doing that.
Live traffic still works and the default view is compact. You can enable the expanded view in settings which is at the top of the live traffic page.
All other features still exist. Please post in the forums and the team will help you find them.
Wordfence 7.0.1 was a major user interface redesign which moved the focus onto security fundamentals. Our emphasis is now on securing your website and doing the things that are most important to prevent a hack. This includes giving you a quick and easy way to see what your security posture is and whether you have the blacklist, firewall and malware scan enabled and if you have any current issues.
Live traffic can be useful for some purposes e.g. seeing in real-time which bots are visiting your site. But it is not fundamental to security and in fact creates unnecessary work if you are trying to watch it and stop attacks manually. Wordfence actually does that work for you automatically now and you can disable live traffic and have a perfectly secure high performance site.
If you would like live traffic back on the menu on the left, we have provided an option to enable that. Just ask in the support forums.
Regards,
Mark Maunder
Wordfence Founder/CEO.Hi,
Wordfence 7.0.1 was a major user interface redesign which moved the focus onto security fundamentals. Our emphasis is now on securing your website and doing the things that are most important to prevent a hack. This includes giving you a quick and easy way to see what your security posture is and whether you have the blacklist, firewall and malware scan enabled and if you have any current issues.
Live traffic can be useful for some purposes e.g. seeing in real-time which bots are visiting your site. But it is not fundamental to security and in fact creates unnecessary work if you are trying to watch it and stop attacks manually. Wordfence actually does that work for you automatically now and you can disable live traffic and have a perfectly secure high performance site.
If you would like live traffic back on the menu on the left, we have provided an option to enable that. Just ask in the support forums.
Please note that live traffic has an expanded view which will probably give you what you want. Simply open the settings at the top of live traffic and enable it.
We build this product based on user feedback, so if you have something specific you want changed, simply post in the forums and our team sees it and will discuss it in our product meetings.
Regards,
Mark Maunder
Wordfence Founder/CEO.Hi there.
Wordfence 7.0.1 was a major user interface redesign which moved the focus onto security fundamentals. Our emphasis is now on securing your website and doing the things that are most important to prevent a hack. This includes giving you a quick and easy way to see what your security posture is and whether you have the blacklist, firewall and malware scan enabled and if you have any current issues.
Live traffic can be useful for some purposes e.g. seeing in real-time which bots are visiting your site. But it is not fundamental to security and in fact creates unnecessary work if you are trying to watch it and stop attacks manually. Wordfence actually does that work for you automatically now and you can disable live traffic and have a perfectly secure high performance site.
If you would like live traffic back on the menu on the left, we have provided an option to enable that. Just ask in the support forums.
If there is anything else specific you think we should change, please do post that in the support forums so it gets on our radar. Software is an organic thing and constantly evolving and it is user feedback that helps it evolve.
Regards,
Mark Maunder
Wordfence Founder/CEO.Live traffic still refreshes automatically and you now have a compact view (enabled by default) and an expanded view. Simply check live traffic settings at the top of the page.
Wordfence 7.0.1 was a major user interface redesign which moved the focus onto security fundamentals. Our emphasis is now on securing your website and doing the things that are most important to prevent a hack. This includes giving you a quick and easy way to see what your security posture is and whether you have the blacklist, firewall and malware scan enabled and if you have any current issues.
Live traffic can be useful for some purposes e.g. seeing in real-time which bots are visiting your site. But it is not fundamental to security and in fact creates unnecessary work if you are trying to watch it and stop attacks manually. Wordfence actually does that work for you automatically now and you can disable live traffic and have a perfectly secure high performance site.
If you would like live traffic back on the menu on the left, we have provided an option to enable that. Just ask in the support forums.
Regards,
Mark Maunder
Wordfence Founder/CEO.Wordfence 7.0.1 was a major user interface redesign which moved the focus onto security fundamentals rather than ‘eye candy’. Our emphasis is now on securing your website and doing the things that are most important to prevent a hack. This includes giving you a quick and easy way to see what your security posture is and whether you have the blacklist, firewall and malware scan enabled and if you have any current issues.
We have also made it easier to get started, modify settings and to quickly lock down your site.
Live traffic can be useful for some purposes e.g. seeing in real-time which bots are visiting your site. But it is not fundamental to security and in fact creates unnecessary work if you are trying to watch it and stop attacks manually. Wordfence actually does that work for you automatically now and you can disable live traffic and have a perfectly secure high performance site.
If you would like live traffic back on the menu on the left, we have provided an option to enable that. Just ask in the support forums.
Regards,
Mark Maunder
Wordfence Founder/CEO.Wordfence 7.0.1 was a major user interface redesign which moved the focus onto security fundamentals rather than ‘eye candy’. Our emphasis is now on securing your website and doing the things that are most important to prevent a hack. This includes giving you a quick and easy way to see what your security posture is and whether you have the blacklist, firewall and malware scan enabled and if you have any current issues.
Live traffic can be useful for some purposes e.g. seeing in real-time which bots are visiting your site. But it is not fundamental to security and in fact creates unnecessary work if you are trying to watch it and stop attacks manually. Wordfence actually does that work for you automatically now and you can disable live traffic and have a perfectly secure high performance site.
If you would like live traffic back on the menu on the left, we have provided an option to enable that. Just ask in the support forums.
Regards,
Mark Maunder
Wordfence Founder/CEO.Forum: Plugins
In reply to: [SlimStat Analytics] Issues unrelated…?Was great chatting on the phone today. Much appreciated and we really appreciate you working with us.
Regards,
Mark.
Forum: Plugins
In reply to: [SlimStat Analytics] Issues unrelated…?Check your email. We’ve been chatting. I need an urgent reply from you to my latest question.
Mark.
Hi David,
Wordfence is 100% GPL and is licensed under GPLv2. We will be including a license document and an update to the readme.txt header in the release that is (I think) going out next week.
This is an update on a previous statement we may have made some time ago saying that it is dual licensed. That is no longer the case. Wordfence is 100% GPL at this point.
Regards,
Mark.
Hi Gwyneth. Thanks for taking the time share your thoughts with us. I want you to know that a few folks in Wordfence have read your post, including one of our senior devs.
It’s quite a long post and there is a lot there, but I’d like to share a few comments. This might not go into as much detail as you’d like but hopefully it’ll give you a sense of how we think about this problem.
I understand that you are focused on DB performance and I also understand the specific reason: mysql replication. Believe me I’ve had enough experience watching slave replication fall behind to know how frustrating this might be. [Random war story: Back at etoys.com in 1999/2000 mysql replication didn’t exist so we created our own using the mysql query log. It was messy but worked surprisingly well and was how we had hot standby’s for a multi-billion dollar business!]
We worked quite closely with some of the largest hosting providers in the world. Most Wordfence and WordPress installations are on those environments. Their configurations and load concerns vary depending on how they’ve configured disk and the database. For example we had feedback from one major hosting provider that their disk was generally very slow and they really wanted to work hard to minimize disk reads and writes. So we changed the way we do some of our malware scanning to specifically accommodate them and other hosts with the same configuration.
So when we look at Wordfence performance, we have to minimize load on both the database and the disk – we can’t give one preference over the other.
Regarding turning off live traffic: This should stop logging of each request to the DB. Once live traffic is disabled you should only see attacks and things like logins logged to the database and in most cases that is a fraction of your total traffic.
We can’t use the server logs because they are in a different format to what we require.
We can’t use a specific DB engine because many platforms only have one specific mysql engine installed.
We do need to log some things to the database. We can’t be completely silent as Wordfence operates.
In general we’ve worked to make Wordfence provide an excellent level of security that minimizes both disk and DB IO as much as possible. This is of course an ongoing effort and as I mentioned some of our senior folks have read your post and we very much appreciate your feedback.
Kind regards,
Mark Maunder – Wordfence founder/ceo.
Hi,
Can you explain what you mean by “disabled your outbound ports”? That phrase could have several meanings.
Which column in wfHits contained that data? Note that wfHits stores referrers, user-agents and other data that any site visitor or attacker can modify. It’s just a data table. The code in there never gets executed and it’s well sanitized before being displayed. So there’s no harm in code that might look malicious being in there.
Can you go into a bit more detail describing why you’re concerned about this being in a backup? Those SQL files should never be publicly accessible and they also aren’t executable.
Thanks,
Mark.
And a further note: One of our team tried to fetch your site with a Googlebot user-agent: “Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)” and it returned a 404 page not found. So it looks like you’re still infected with something.
When we hit it with a Googlebot user-agent, it’s trying to serve up the URL: /wp-admin/images/ex.htm
So it looks like you removed that but the underlying infection is still there and trying to serve that up.
Mark.
- This reply was modified 9 years, 5 months ago by Mark Maunder.
One of my team just pointed out you probably meant the attacker made your site not crawlable by google. So I may have misread that.
Looks like mac is creating those files to store extended attributes. You might consider adjusting your workflow to either delete those files before uploading them to your web server or changing the way you manage files so they aren’t created.
Mark.