Real WordPress Security

An unfortunate reality when it comes to the security of WordPress websites is that the people behind WordPress have for years refused to take actions that would largely resolve major security issues with WordPress plugins and that has led to far too many websites being unnecessarily hacked. We have tried for years without success to work with them to fix those issues. There reason for refusing to fix those problems, or even discuss doing that, have never really made sense, as among other things, we have offered to do most of the work for them to get them resolved. Also, unfortunately other security companies with a focus on WordPress have also seemed to be uninterested in trying to get those issues fixed, instead of selling people on security services that often fail to provide effective protection.

With our service we are focused on protecting your website from security problems in WordPress plugins that are being left unfixed. We don’t claim that we can stop all hacks, like others do (and then don’t even attempt to accomplish), but we will provide you the best protection against the threat, while your usage of our service actually helps to make WordPress plugins and therefore the WordPress ecosystem more secure for everyone using them, which is something that can’t really be said for other services.

With our service we help to protect you against plugin vulnerabilities by doing the following:

  • Warning you if you are using a known vulnerable version of plugins, which currently includes plugins in the Plugin Directory that are used on over 4.09+ million websites (as of May 6). While other data sources claim to contain all known vulnerabilities for plugins in their data set, the reality is that they don’t even come close to matching us. In September for example, we added over three times as many new vulnerabilities as other data sources.
  • Working with the developers of plugins with unfixed vulnerabilities to get those fixed, so that you and others can simply update the plugin to protect yourselves. So far this year we have help to get vulnerabilities in plugins used on over 12.72+ million websites fixed (try to find another company that has done more than we have when it comes to improving the security of WordPress websites).
  • Helping you to decide what actions to take if the vulnerabilities haven’t been fixed yet, including being able to provide you with a temporary fix for the vulnerabilities.
  • Letting you suggest/vote for plugins to receive a security review from us, so that you can be assured that the plugin you use are free of many types of security vulnerabilities.
  • Proactively monitoring the Plugin Directory to catch serious vulnerabilities before they are exploited on your website or anyone else’s.
  • Discovering serious vulnerabilities that hackers are looking to exploit by monitoring various sources of data that provide an indication that hackers have an interest in those plugins.