Wordfence Security is a free enterprise class security and performance plugin that makes your site up to 50 times faster and more secure.
I'm using free version of Wordfence and I wish they can give more information in alerts like all them usernames a person has tried to login, in an email alert.
A good plugin. But it
would be great to be able to import and export the IP range. If you have to do it manually and wait for a reload everytime you put in an IP, as it is right now, it`s just a pia.
I love the Live Traffic feature. It helps me to detect IP addresses that are keep attacking my sites so I can block them right away. Wordfence is one of security plugins that I always install on my WordPress sites.
Satisfied with the security side, one day I tried to use their built-in caching tool (under Performance Setup menu). It seems all well until I checked the reports on Google Webmasters. It's full of 403 error. I tried to test some urls through "Fetch as Google", the results are all error. I immediately suspect the Wordfence caches are the culprit because everything is fine before I turned on the cache. I turned off the caches and retest it again on Webmasters. The problems did go away.
The bottom line, I am satisfied with Wordfence as security plugin, but not as caching plugin.
I have used All in one WP security and i think Wordfence is not that good and don't have that many options to set
I just updated to the new version today but unfortunately the problem that began immediately after 3.9 upgrade persists. It will no longer scan. Plus when I clicked the OPTIONS tab I get a messagae that says
"You do not have sufficient permissions to access this page."
I also notice when this version of WF is active my sites slow down to a crawl. As soon as I deactivate WF the sites speeds up significantly. I use this plug in on 10 sites and all of them speed up when I deactivate WordFence.
Hopefully this is a temporary issue but there was no response to my support left yesterday. So I'll have to find another option. I hate that because up until now this plug in has been really good. But security is so important and can't leave my sites unprotected so I'm off to look for another option.
If someone from WordFence reads this review...it's not necessary to respond I've already found another option.
All the best
What a great plugin!
I tried to log in to their site to tell them about a database problem though, and apparently they don't want that sort of feedback except from paid subscribers.
The database wp_wfStatus has no primary key, and it really ought to. This causes problems for some other plugins that perform mass database operations, especially operations like renaming your wordpress site to a different domain or such.
I imagine this will be fixed soon, since it's such an easy thing to do.
Lots of interesting feature, but it appears rather complicated to use.
It runs reports well, but can over-protect and cause the site to be blacklisted. This is a warning to users to be careful about changing the default settings and not to use the setting to block fake GoogleBots as this caused my site to get blacklisted by McAfee. (I'd be happy to change this review if the plugin prevents this from happening, though I doubt I'd want to test it as it's hard to get off the blacklist.)
I have used it with a variety of plugins on different sites with different themes without incompatibility. Overall it works very well.
NOTE: I had a security alert, which told me to delete two files that were possible security issues. One, gdform.php, I could only find in a search as a GoDaddy file, though I don't use GoDaddy. The other I could find no reference to anywhere on the web: odelia_wyn.php When I deleted them, I had no problem with my website. It's working fine. In case others find those files, I hope they find this post and are not afraid to delete them.
Installed the plugin 4 days ago and I can't stop loving it. It gives me real-time analytics which is much detailed compared to other plugins i'v seen and used. Another great tool is the 'Whois Lookup' but so far it hasn't returned any IP search results so I have been using whois.domaintools.com to run my whois search for specific IPs.
It also helps me detect who is looking in my plugins directory for plugins that do not even exist thereby creating error 404. I noticed a spider from China that kept crawling a directory in the bbpress plugin and other plugins that I have never used and don't exist on my server(see below). Thought it had to be a fake spider and blocked its IP series quickly with 'Advanced Blocking'.
Browser: Baiduspider version 2.0
Browser: IE version 6.0 running on WinME
Browser: IE version 6.0 running on WinME
I neither have the 'woopra' nor the 'seo-watcher' plugin. So far this plugin had worked as it was described.
I don't think country blocking should be paid for. It's so simple for a developer to create.
You must log in to submit a review. You can also log in or register using the form near the top of this page.