Wordfence

Breaking my ‘schedule’ already with a second consecutive meta-post, but I think it’s worth it to promote a great plugin I came across: Wordfence is a security plugin for WordPress that does an amazing amount work to prevent and detect hacking.

Now being hacked is not something I’ve been concerned about, being an extremely low traffic site, but even so I am not immune to spiders that search for vulnerabilities: I came across Wordfence as a result of looking at my list of 404 errors, many trying to find a non-existent file called timthumb.php.

It turns out that there was a serious vulnerability in TimThumb, which is used by many WordPress installations to do image resizing. That link lead me to Wordfence, which I installed immediately.

I wanted to call out the one or two best features of Wordfence, but I genuinely can’t decide which are best. Firstly, it will scan the WordPress source (including plugins and templates) against their own repository taken from official sources to detect modifications. Secondly, there is a page showing live traffic (yes, I tested it – remote connections show up within seconds), which is great for spotting unusual traffic patterns. Third is the firewall, which will throttle or block IPs that are connecting too quickly or causing too many 404s. Finally, email notifications for any suspicious (or optionally, normal) activity.

For those wanting per-country blocking or premium support there is a paid version, but the basics are all free. If only to provide early detection of maliciously modified PHP files, it is worth it.