The company behind the Wordfence Premium service make a lot of great sounding claims about their service, but if you start looking around, the real world results don’t match that. Take this comment from one of their customers about a widely exploited vulnerable WordPress plugin in November:
I have 7 sites with WP GDPR Compliance and they were all hacked – new admin users + a few uploaded scripts-
All of them had Wordfence premium installed but it didn’t stop the attack 🙁
What happened there is not at all unexpected if you actually deal in the security of WordPress websites, since the people behind that service are not actually the experts they claim to be and are often well behind in knowing about vulnerabilities, so they are adding protection after exploitation has already happened (since hackers are actually keeping up). They can get away with this because they don’t have any qualms about lying and most people don’t understand what is going on, here is one of their employees on the same vulnerability:
Are you using this plugin to help with GDPR compliance? New exploit found. Over 100,000 installations,. If you have Wordfence Premium you are covered! https://t.co/HPVGpgQa2g
— Tim Cantrell (@tcan1337) November 8, 2018
Obviously Wordfence Premium customers were not covered, since they were getting hacked due to that vulnerability.
When it came to that vulnerable plugin, we had already warned customers of our service well before the exploitation happened. We could provide example after example where anyone just following our blog would have actually been aware of vulnerabilities weeks before the team behind Wordfence became aware of them.
If you are looking for real security for your WordPress website, instead of company that is good at selling you on something that doesn’t work, that is where our service comes in since we actually provide a service that will help you to avoid security issues with plugins when using WordPress. We do this by alerting to you vulnerabilities in plugins as they are discovered (many of them ones that we have caught as they are being introduced in to plugins), working with developers to make sure those are fixed, and allowing you to help select plugins to be more thoroughly reviewed for security issues by us.
Not only do you get real security with our service, but you actually help to make every WordPress website more secure as we have for years been making sure that plugins are getting more and more secure (we unfortunately are largely alone in the security industry in doing that).
You can start using the service for free when you sign up now.