Plugin Vulnerabilities Firewall

The Only Plugin With Effective Protection

The only WordPress firewall plugin backed with testing that shows that it delivers protection that other WordPress security plugins should, but fail to, provide.

Our Plugin Vulnerabilities Firewall plugin for WordPress is built around providing protection against zero-day vulnerabilities, which are vulnerabilities that are being exploited before the developer of the software is aware of them, in WordPress plugins and doing so before security companies are even aware of them either, so it provides protection when their products and services don’t. While still in development, testing showed that it already provided protection against those that existing WordPress security plugins fail to provide. Ongoing testing is showing that other security plugins are not providing protection for most of the malicious requests that our plugin will block. While other developers don’t release test results (and probably are not even doing testing), we have a dedicated Bluesky account that shows its successes and failures, as we test it against new disclosed vulnerabilities.

Minimal Performance Impact

The plugin also doesn’t create the significant performance penalty that comes with relying on the Wordfence Security plugin, while providing better protection against the vulnerabilities that a firewall plugin is really needed to protect against.

Setup Free Protection

Once you activate the plugin, most of the protection is in place without requiring any setup.

Easy Configuration

Want more protection? For most websites, full protection only requires clicking a button and filling out a four question questionnaire.

Tightly Coupled with WordPress

Unlike web application firewalls (WAFs), the plugin is tightly coupled to the WordPress website it is installed on, so that it can better understand what does and doesn’t need to be stopped. That expands the number of attacks that can be stopped by being able to stop them inside WordPress as well outside of it, while also reducing the number of legitimate requests being blocked.

Complication Free

In addition to providing protection that other plugins don’t, the plugin is designed to limit unnecessary complications with other plugins, which is a big issue with competing security plugins. It does that through the tight coupling with WordPress, which competing plugins don’t have.

Wide Protection

The plugin currently contains protection against some instances of the following types of vulnerabilities (with more in development):

  • Arbitrary file deletion
  • Arbitrary file upload
  • Arbitrary file viewing
  • Arbitrary media deletion
  • Arbitrary plugin deactivation
  • Arbitrary plugin installation
  • Arbitrary post deletion
  • Arbitrary user deletion
  • Local file inclusion (LFI)
  • Open redirect
  • Option update
  • PHAR Deserialization
  • PHP object injection
  • Persistent cross-site scripting (XSS)
  • Reflected cross-site scripting (XSS)
  • Role change
  • Shortcode execution

We are continually testing it against newly discovered vulnerabilities to ensure that the plugin continues to provide the most robust protection available.

Certified Protection and Security

Unlike many other WordPress security plugins, our is a Certified WP Security product, so you can be assured that it delivers the promised results. Also, unlike other security plugins, it has had an extensive security review done of it.

Getting the Plugin

The plugin is available for free for customers of our service, as it designed to work alongside the protection provided by that service against vulnerabilities once they have been discovered. You can try it for free when you sign up for a free trial of our service. Or you can get a free lifetime subscription to our service if you take our survey to help improve WordPress plugin security.