Critical Security Update: Directorist WordPress Plugin Patches Two High-risk Vulnerabilities
https://www.wordfence.com/blog/2023/06/critical-security-update-directorist-wordpress-plugin-patches-two-high-risk-vulnerabilities/

#WordPress #Directorist #Wordfence

Wordfence Intelligence Weekly WordPress Vulnerability Report (Apr 24, 2023 to Apr 30, 2023) https://www.wordfence.com/blog/2023/05/wordfence-intelligence-weekly-wordpress-vulnerability-report-apr-24-2023-to-apr-30-2023/?utm_campaign=Wordfence%20Intelligence%20Marketing&utm_medium=email&_hsmi=256968089&_hsenc=p2ANqtz--Fz0bN_f30U6Z4ZfLNv2zDBNxW0JlaDgzh48bymiLL-MNHfazWv6C0JNwx24yTei-eDNYkP1j4XGMMP-PqdliARHYetg&utm_content=256968089&utm_source=hs_email #wordpress #wordfence

#Wordfence blocking entire #VPNs is a non-sense. This is not #security: this is just #discomfort.

[Blog] ClassicPress im Fediverse – https://blog.atari-frosch.de/2023/03/30/classicpress-im-fediverse/ #ClassicPress #WordPress #Fediverse #Wordfence

@tim @cherdt I've been using #Wordfence (free) for years on all the sites I maintaining (about 280 now) and have never seen performance issues (unless you log all traffic, but that should be seen only as a debug mode).
Even on my own (monitored) server with 110 sites using Wordfence, I don't see performance issues on server level.
Wordfence also offers a great WAF, malware scanner, abandoned plugin/them check and much more.

Dear #WordPress Admins,

I have running WP inside a container, behind #traefik with #crowdsec and the #wordpress-bouncer working fine. But I would love to configure the #geoblock feature with the #geblock feature. Besides writing my own script, is there an option to update the #geoLite2 Database automatically by #crowdsec or the #crowdsec plugin. Am I missing something?

@wpsofa

#Wordpressadmin #security #wordpresssecurity #fail2ban #wordfence #wpsofa

Wordfence has published the details of two stored XSS vulnerabilities the company responsibly disclosed to the developers of the All In One SEO plugin in January 2023. The vulnerabilities potentially impacted more than 3 million users on versions 4.2.9 and earlier.

https://wptavern.com/all-in-one-seo-patches-multiple-stored-xss-vulnerabilities-in-version-4-3-0

#WordPress #Vulnerabilities #updates #vulnerability #WordFence #Security

#Wordfence ha analizzato le vulnerabilità segnalate nel 2022 sui siti #Wordpress. Si evidenzia un aumento degli attacchi #hacker, ma anche una maggiore consapevolezza degli utenti sul tema #sicurezza. https://www.offertalink.it/rapporto-wordfence-sulle-vulnerabilita-wordpress-2022/

#Cloudflare 521 investigations continuing but safe to say #Wordfence has been eliminated from enquiries. God I've been watching too many #Police 🚓 👮‍♀️ procedurals lately.

Ditto any Wordpress plugins. Did some tests with a completely empty Wordpress multisite install and same 521 errors came
intermittently. Wondering if there's any connection to PHP 8.1 at all? Still some deprecations showing from the core WP code. Had a subdomain with static code for several minutes and did not see 521s on it.

Netter Versuch.

Zu blöd nur, der der einzig existierende Account mit einem starken Passwort PLUS 2FA gesichert ist - den Rest blockt #WordFence sehr zuverlässig weg 😃

argghhh - #wordpress plugins that are super intrusive to the WP editing experience are doing my head in this morning. Notifications/popups/warnings. Just stop!!! I know you want me to go Pro - but add value not annoy the hell out of me. For some reason #Wordfence has started to become so annoying i have removed it.

Fixed an issue with a #Wordfence scan failing the "Server State" check. Turned out there was a missing DNS record. Really gnarly migrating #Wordpress with Wordfence enabled - should have followed this advice re Extended Protection before starting.
https://www.wordfence.com/help/advanced/remove-or-reset/#migrate-with-wordfence

The #wordpress security plugin #Wordfence has released their annual report | See article here: https://www.wordfence.com/blog/2023/01/the-wordfence-2022-state-of-wordpress-security-report

If, like me, you manage #Wordpress websites you need to run #Wordfence (at least the free version) and you should probably take a good look at their 2022 State of Wordpress security report which you download here:

https://www.wordfence.com/blog/2023/01/the-wordfence-2022-state-of-wordpress-security-report/

#WordPress #CyberSecurity #Wordfence #WebsiteSecurity

Just in case you have a site and receive such nonsense, here's some good advice from #Wordfence https://www.wordfence.com/blog/2023/01/psa-your-site-isnt-hacked-by-this-bitcoin-scam-keep-the-money/?utm_campaign=Wordfence%20Blog%20Emails&utm_medium=email&_hsmi=242858648&_hsenc=p2ANqtz-_zpKMRNNfZLbe86wIgYsXhGCFAoukfzSkddDWm-lONO_-70xscZxSMD1e7kd8RGKCZskMjMfdl7UbgDw_bBEM7uZe0XIdg_9T0nxRiSnsUwcgV5Yo&utm_content=242858648&utm_source=hs_email

The folks at Defiant/WordFence are class acts. I thought I had deleted a license, but it seems I had just deleted it from one view. The license went on to renew for the usual (over USD100) rate, but would never be used again. Their billing department happily refunded my money.

That's how it should work. Thank you, folks!

#WordFence #Defiant #SelfHosting

@otto42 @cymplecy Exactly what @otto42 says. Also check your brute force login settings. Set them to something like 5 login attempts or 3 password resets, within 30 minutes, block 2 months.

And if you are still worried, enable 2FA, which is offered by #Wordfence as well.

Ever since I installed #WordFence on my #WordPress blog site server, it has been an eye-opener as to the brute force attacks that must be taking place everywhere on T'internet. I recommend that you don't have easily guessable site usernames (as I used to) as you just give away half of your security by doing so

Ever since I've added #WordFence to my #Wordpress blog I'm getting quite a few emails about it blocking users trying to brute force their way in! Obs, this was happening previously but didn't know about it - changed password to password123456! - that'll hold them back :)

@beasts After severla passes of #WordFence and deleting/repairing files , deleting unused plugins and updating everthing in sight -all seems OK now :)

Excellent customer service from #MythicBeasts