artlung.

WordFence is vital for self-hosted WordPress instances. 2018 Feb 19

I’ve been hosting WordPress websites for a long time. This blog I migrated to WordPress in 2004. I had experience with it running San Diego Blog which started on B2 and I converted to WordPress in Summer 2004. So I’ve been hosting WordPress a long time. There’s a reason the software is popular. It’s free, flexible, straightforward to customize, theme, improve, update.

This ease-of-use has brought ubiquity. So much so I attended Creative Mornings San Diego the other morning and one of the sponsors was WordPress. The short description of WordPress included the tagline “powering 25% of websites.”

Ubiquity has made WordPress an extraordinarily attack surface area for hackers. (Like Windows has been for a long time! Yay?!) I’ve seen hacks against user accounts, against the upload feature, I’ve seen worms, and DOS attacks and everything in-between. An absolutely vital tool for me has been WordFence. They’ve done a great job on the free version of the tool. I feel like the paid version is a bit too pricy for my own usage, but WordFence version 7 has been a great update already. This blog has had some targeted SQL injection attacks as well as some suspicious user creation behavior directed at it that WordFence alerted me to and thwarted successfully.

I run several other websites and having WordFence do this kind of work and keeping me up to date keeps my mind at ease.

Joe Crawford blogged this at 10:18am in 2018 in February. The 19th was a Monday. You are reading this 10 months later. Make a public comment. There is one comment Tweet. Direct message. Send email. It has hashtags→ .

Comments: 1

Leave a Reply

Comments Open; Trackbacks Open.