The Wordfence WordPress security plugin provides free enterprise-class WordPress security, protecting your website from hacks and malware.
After having "hacking" issues in 2014 this was highly recommended to me. But in recent months after a number of updates it has issues completing scans. It stops and sits on "Fetching list of known malware files from Wordfence" and never seems to move on. Tried to rectify by instructions available but with no result.
I have this installed on every website for security.... but it really does slow down the entire website. Pingdom scores area always bad when Wordfence is activated. Guess it's one of those unfair things in life we just get to live with.
I'm using free version of Wordfence and I wish they can give more information in alerts like all them usernames a person has tried to login, in an email alert.
A good plugin. But it
would be great to be able to import and export the IP range. If you have to do it manually and wait for a reload everytime you put in an IP, as it is right now, it`s just a pia.
I love the Live Traffic feature. It helps me to detect IP addresses that are keep attacking my sites so I can block them right away. Wordfence is one of security plugins that I always install on my WordPress sites.
Satisfied with the security side, one day I tried to use their built-in caching tool (under Performance Setup menu). It seems all well until I checked the reports on Google Webmasters. It's full of 403 error. I tried to test some urls through "Fetch as Google", the results are all error. I immediately suspect the Wordfence caches are the culprit because everything is fine before I turned on the cache. I turned off the caches and retest it again on Webmasters. The problems did go away.
The bottom line, I am satisfied with Wordfence as security plugin, but not as caching plugin.
I have used All in one WP security and i think Wordfence is not that good and don't have that many options to set
I just updated to the new version today but unfortunately the problem that began immediately after 3.9 upgrade persists. It will no longer scan. Plus when I clicked the OPTIONS tab I get a messagae that says
"You do not have sufficient permissions to access this page."
I also notice when this version of WF is active my sites slow down to a crawl. As soon as I deactivate WF the sites speeds up significantly. I use this plug in on 10 sites and all of them speed up when I deactivate WordFence.
Hopefully this is a temporary issue but there was no response to my support left yesterday. So I'll have to find another option. I hate that because up until now this plug in has been really good. But security is so important and can't leave my sites unprotected so I'm off to look for another option.
If someone from WordFence reads this review...it's not necessary to respond I've already found another option.
All the best
What a great plugin!
I tried to log in to their site to tell them about a database problem though, and apparently they don't want that sort of feedback except from paid subscribers.
The database wp_wfStatus has no primary key, and it really ought to. This causes problems for some other plugins that perform mass database operations, especially operations like renaming your wordpress site to a different domain or such.
I imagine this will be fixed soon, since it's such an easy thing to do.
Lots of interesting feature, but it appears rather complicated to use.
It runs reports well, but can over-protect and cause the site to be blacklisted. This is a warning to users to be careful about changing the default settings and not to use the setting to block fake GoogleBots as this caused my site to get blacklisted by McAfee. (I'd be happy to change this review if the plugin prevents this from happening, though I doubt I'd want to test it as it's hard to get off the blacklist.)
I have used it with a variety of plugins on different sites with different themes without incompatibility. Overall it works very well.
NOTE: I had a security alert, which told me to delete two files that were possible security issues. One, gdform.php, I could only find in a search as a GoDaddy file, though I don't use GoDaddy. The other I could find no reference to anywhere on the web: odelia_wyn.php When I deleted them, I had no problem with my website. It's working fine. In case others find those files, I hope they find this post and are not afraid to delete them.
You must log in to submit a review. You can also log in or register using the form near the top of this page.