Real WordPress Security

There are lots of plugins and services that are promoted with unqualified claims that they will stop or protect WordPress websites from being hacked, but what none of the providers of those do is provide evidence, much less from evidence from independent testing, that proves they do that. There is a good reason for that, in reality they provide limited to no protection. The company behind of the most popular WordPress security plugin has actually admitted that their plugin will fail to protect websites against many hacks, while still marketing it with the unqualified claim that it “stops you from getting hacked”. The situation gets even worse though, as that company and others even make up threats and then promote their services as the solution.

With our service we are focused on protecting you from something that the people behind WordPress and the security industry around WordPress are not all that interested in, despite how often it leads to websites being hacked, vulnerabilities in WordPress plugins. We don’t claim that we can stop all hacks, like others do, but we will provide you the best protection against the threat, while your usage of our service actually helps to actual make WordPress plugins and therefore the WordPress ecosystem more secure for everyone using them, which is something that can’t really be said for other services.

With our service we help to protect you against plugin vulnerabilities by doing the following:

  • Warning you if you are using a known vulnerable version of a plugins, which currently includes plugins in the Plugin Directory that are used on over 2.9 million websites (as of September 21, 2018). While other data sources claim to contain all known vulnerabilities for plugins in their data set, the reality is that they don’t even come close to matching us.
  • Working with the developers of plugins with unfixed vulnerabilities to get those fixed, so that you and others can simply update the plugin to protect yourselves. So far this year we have help to get vulnerabilities in plugin used on over 2.2 million websites fixed (try to find another company that has done more than we have when it comes to improving the security of WordPress websites).
  • Helping you to decide what actions to take if the vulnerabilities haven’t been fixed yet, including being able to provide you with a temporary fix for the vulnerabilities.
  • Letting you suggest/vote for plugins to receive a security review from us, so that you can be assured that the plugin you use are free of many types of security vulnerabilities.
  • Proactively monitoring the Plugin Directory to catch serious vulnerabilities before they are exploited on your website or anyone else’s.
  • Discovering serious vulnerabilities that hackers are looking to exploit by monitoring various sources of data that provide an indication that hackers have an interest in those plugins.

You can try the service for free when you sign up now (we also offer a free lifetime subscription with hack cleanups).

Even if you not going to sign up now, you should install the companion plugin for our service, since that will warn you if you are using vulnerable plugins that are already being exploited even if you don’t use our service. You can also use our Plugin Security Checker to see if plugins you use have possible security issues.