Even Wordfence Competitor Has Been Fooled by Untruthful Marketing of Wordfence Premium
We recently tried to add a WordPress firewall plugin named BitFire in to our automated testing system of WordPress security plugins, but found that the plugin wasn’t working properly and then an update totally broke it. We also noticed that the plugin’s marketing continued rather inaccurate information, which is, unfortunately, not a unique situation from a WordPress security provider. But it turns out that some of the inaccurate information makes it sound like a competitor of theirs provides much better results than they do. Here is how they talked up the Wordfence Premium service from Wordfence while saying why you shouldn’t use it:
If you use WordFence, you should only use the paid version. WordFence has a team monitoring emerging WordPress vulnerabilities and writing custom rules to block specific exploits. They are very good at it and run a great blog on their work. Paying customers receive these virtual patches as soon as they are available. Free customers receive the patches 30 days later. If your website is vulnerable, it is almost guaranteed to be hacked before the patch is available to free customers. Don’t leave your site at risk.
As we discussed recently, contrary to what is written there, Wordfence isn’t actually doing the work needed to provide firewall rules. As mentioned in our previous post, over two months, they only added rules for three vulnerabilities in WordPress plugins. And repeated tests we have done have shown their plugin and the Wordfence Premium service have failed to protect against vulnerabilities they should have protected against.
The poor performance of the Wordfence Premium service has been going on for years and has led to their paying customers getting hacked when they shouldn’t have.
This situation should give people a better idea of why the security industry is in such bad shape. Instead of security companies comparing how they are doing and working to deliver better results than competitors, they simply make things up and don’t even consider that competitors are doing the same.