News
How to Find, Change & Protect the WordPress Login URL: A Beginner’s Guide
If you’ve recently launched a WordPress website, you might be asking, “How do I log in to WordPress?” or “Where is my WordPress login located?” Don’t worry — you’re not alone, and these are essential questions to ask. Understanding where to find your WordPress login URL and how to use it is a fundamental part […]
Read More
Wordfence Researcher Featured on Critical Thinking Podcast: Sharing Advanced WordPress Bug Bounty Tips and Tricks
Today was another huge step forward in our continuing mission to secure the web. In celebration of the Wordfence Bug Bounty Program’s New Year Bug Extravaganza promotion, our very own Ram Gall, Senior Security Researcher here at Wordfence, was featured on the Critical Thinking Podcast this morning, hosted by Justin Gardner (aka Rhynorater). This is […]
Read More
What are WordPress Security Headers?
Security headers are an essential tool in the world of WordPress security that often fly under the radar. These powerful lines of code work behind the scenes, quietly standing guard and deflecting sinister online threats. From preventing information theft to blocking sneaky intrusion efforts, security headers are a great line of defense. TL;DR: WordPress security […]
Read More
Wordfence Intelligence Weekly WordPress Vulnerability Report (January 15, 2024 to January 21, 2024)
Did you know we’re running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through February 29th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 84 vulnerabilities disclosed in 67 WordPress Plugins and 1 WordPress themes that have been […]
Read More
Fixing Website Hosting Issues: “This Account Has Been Suspended”
Experiencing a “This account has been suspended” warning on your website can be both confusing and alarming. This message means that your hosting provider has put your site on a temporary hold. The reasons for an account suspension can range from malware infections and spam content, excessive resource usage, unpaid web hosting bills, or policy […]
Read More
High Severity Arbitrary File Upload Vulnerability Patched in File Manager Pro WordPress Plugin
On December 14th, 2023, shortly after the launch of our Holiday Bug Extravaganza, we received a submission for an Arbitrary File Upload vulnerability in File Manager Pro, a WordPress plugin with an estimated 10,000+ active installations. This vulnerability made it possible for authenticated attackers to create a PHP file that could contain malicious content and […]
Read More
Our Bug Bounty Program Extravaganza is Back and it’s Longer This Time – Earn up to $10,000 for Vulnerabilities in WordPress Software!
At Wordfence our mission is to Secure The Web. WordPress powers over 40% of the Web, and Wordfence secures over 4 million WordPress websites. Our last extravaganza, the Holiday Bug Extravaganza, was so successful we decided to do it again to kick off the New Year right. Introducing our New Year Bug Extravaganza! Through February […]
Read More
Introducing Wordfence CLI 3.0.1: Now With Automatic Remediation!
Note: This post refers to Wordfence CLI, the command line tool for operations teams to rapidly scan large numbers of WordPress websites for vulnerabilities and malware, not the Wordfence plugin which is deeply integrated into WordPress and provides additional functionality, like a firewall, two-factor authentication and more. We’re excited today to announce Wordfence CLI 3.0.1, […]
Read More
6 Best WordPress Activity Log Plugins Reviewed
As a WordPress site owner, you need to know what is happening on your site all the time: who has made what change when. An activity log plugin, as the name suggests, captures every action and event that occurs on your site. It is a great way to keep accountability, and can be an early […]
Read More