Real WordPress Security
An unfortunate reality when it comes to the security of WordPress websites is that the people behind WordPress have engaged in years long cover up of security issues with WordPress plugins leading to far too many websites being unnecessarily hacked. We have been trying to get things changed for years, but so far the people on the WordPress side of things are more interested in covering up problems instead of taking the fairly easy step that could fix them. Also, unfortunately the rest of the security industry seems uninterested in getting those problems fixed, maybe because that would mean less business for them.
With our service we are focused on protecting you from security problems in WordPress plugins. We don’t claim that we can stop all hacks, like others do, but we will provide you the best protection against the threat, while your usage of our service actually helps to actual make WordPress plugins and therefore the WordPress ecosystem more secure for everyone using them, which is something that can’t really be said for other services.
With our service we help to protect you against plugin vulnerabilities by doing the following:
- Warning you if you are using a known vulnerable version of a plugins, which currently includes plugins in the Plugin Directory that are used on over 2.9 million websites (as of September 21, 2018). While other data sources claim to contain all known vulnerabilities for plugins in their data set, the reality is that they don’t even come close to matching us.
- Working with the developers of plugins with unfixed vulnerabilities to get those fixed, so that you and others can simply update the plugin to protect yourselves. So far this year we have help to get vulnerabilities in plugin used on over 2.2 million websites fixed (try to find another company that has done more than we have when it comes to improving the security of WordPress websites).
- Helping you to decide what actions to take if the vulnerabilities haven’t been fixed yet, including being able to provide you with a temporary fix for the vulnerabilities.
- Letting you suggest/vote for plugins to receive a security review from us, so that you can be assured that the plugin you use are free of many types of security vulnerabilities.
- Proactively monitoring the Plugin Directory to catch serious vulnerabilities before they are exploited on your website or anyone else’s.
- Discovering serious vulnerabilities that hackers are looking to exploit by monitoring various sources of data that provide an indication that hackers have an interest in those plugins.
Even if you not going to sign up now, you should install the companion plugin for our service, since that will warn you if you are using vulnerable plugins that are already being exploited even if you don’t use our service. You can also use our Plugin Security Checker to see if plugins you use have possible security issues.