Skip to main content
GeneralSecurityWordPress

WordPress Web Application Firewall Launched

By April 14, 2016No Comments

The exceptional WordPress security plugin Wordfence, now comes with a free firewall as part of its free protection plan. Released this week, you’ll now have the option to enable the Wordfence Web Application Firewall, after a period of time in learning mode, where normal site actions are white-listed.

Whilst in learning mode, you’re advised to publish posts, change theme styles, moderate comments and use your site plugins as normal.

The Wordfence Web Application Firewall

Wordpress firewall - wordfence

As documented in its wiki, Wordfence’s firewall;

is a PHP based, application level firewall that filters out malicious requests to your site. It is set up to run at the beginning of WordPress’ initialization to filter any attacks before plugins or themes can run any potentially vulnerable code.

Protecting Your WordPress Website Against

  • SQL Injection
  • Cross Site Scripting (XSS)
  • Malicious File Upload
  • Directory Traversal
  • Local File Inclusion
  • External Entity Expansion (XXE)

The firewall is now included as part of the WordPress security plan for all websites maintained by Measured Designs. We’re big supporters of the guys at Wordfence, it is the go to plugin to help secure your WordPress website.

Andrew Taylor

A senior UI designer with over 25 years of web design and web development experience working for some of the largest companies in the UK. An expert in all things Magento and WordPress.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.