Home Keep your site secure, Use Wordfence
Apr 24, 2023 by Nathaniel Garvin

Keep your site secure, Use Wordfence

Wordpress Security, Wordpress Website Tips

One of the best security features we have discovered in our years of working with websites is a plugin called Wordfence. You may remember us saying in a previous post that plugins can be places of vulnerability on your site – this is true – however, Wordfence has such a strong worldwide reputation that we install the free version on every site we build as a standard feature.

The other big name in site securiy is Sucuri, which is also an excellent product. We will discuss pros and cons of the two a bit later in this post.

Why is Wordfence so good?

Wordfence describe themselves on their site as: “a global team of WordPress security analysts, threat researchers, software engineers, and support staff…we focus exclusively on securing WordPress websites, and on WordPress security research.”

Because of their sheer size and number of users they are aware of WordPress security threats almost as soon as they become obvious, and work to counteract them. Think of it like a global Neighbourhood Watch for WordPress sites.

How does it work?

Wordfence and Sucuri are Endpoint WAFs (web application firewalls), as opposed to a product like Cloudflare, which we’ll discuss in a later post, which is a Cloud WAF. For the most robust security possible we’d suggest you use both endpoint as well as cloud.

Endpoint WAFs work within your site itself, which is why they are effective in geo-blocking and IP blocking

How much does Wordfence cost? Is it worth it?

Wordfence has a free version which, as we said earlier, we install as a standard on every site we build. However, we do recommend you upgrade to the Premium version (around US$89 per year). The main difference between the free and premium versions is that there is a 30-day delay in information for the free version, whereas updates happen in real time for premium subscribers. Back to the Neighbourhood Watch example, if you’re a paid subscriber you’d get a knock on your door as soon as a potential new threat was detected, whereas if you had the free version you’d get a letter in the post a month afterwards.

Subscribers of Wordfence Premium can also access geo-blocking, which–as we mentioned in a previous post–can keep your site out of view from countries where a large amount of attacks originate from. Premium subscriptions also come with real-time IP blocking. If your website is the main source of your business marketing or you run an e-commerce site, we highly recommend you purchase Wordfence Premium.

Wordfence vs Sucuri

Installing an Endpoint WAF on your site, whichever one you choose, is a no-brainer. Our experience is that Sucuri seems to slow down the site a little, so if speed is your highest priority be aware of this. Sucuri may be a little more robust as it also integrates DNS-level firewalls and does a lot of hardening on the code side of things, but this can also mean that it’s more challenging to remove, and can cause some challenges with development. This is why, for speed and flexibility. we prefer Wordfence.

Whichever Endpoint WAF you choose, you’ll find that having even a basic Endpoint WAF can save you a lot of time, hassle, and money through increased site security.

Comments (0)

Other Articles
Dec 13, 2023 by Nathaniel Garvin

It’s Time for a Change
Uncategorized

At the very start, Jiffi Web Help was formed to help businesses with their websites, filling in the gap either in time or lack of knowledge. While this is still a part of our focus, Jiffi...
Jun 5, 2023 by Nathaniel Garvin

Can I use WordPress for an enterprise level website?
Insights, Web Design, Wordpress

In this article we're going to discuss if WordPress can be used to build an enterprise level website? The answer is, yes, it can, however it's not necessarily how you will find most WordPress websites are...