Can wordfence prevent a breach attack?

  • Hello, I have tried to search for information about this topic, but I can’t find anything, I would like to know if wordfence takes the following security mitigations to prevent a breach attack:

    a. Disable HTTP compression.

    b. Separate secrets from user input.

    c. Randomize secrets per request.

    d. Mask secrets (effective randomization using XORing with one random secret per request). and.

    e. Apply protection to vulnerable pages with CSRF.

    F. Hide length by adding a random number of bytes to responses.

    g. Limit requests.

    • This topic was modified 6 days, 1 hour ago by nayarez.
Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @nayarez,

    Our Threat Intelligence team won’t be able to look at this in more detail now until start of business next week, but I just wanted to confirm that you’re asking about the following threat?: https://breachattack.com/

    The associated CVE appears here: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3587

    I just wanted to make sure I’d not misunderstood your query and will forward the details to the team to look at once you confirm.

    Many thanks,
    Peter.

    Thread Starter nayarez

    (@nayarez)

    Yes, I want to confirm that this is the threat I’m referring to. Also, I would like to know if Wordfence is sufficient to mitigate such an attack and if it helps with the listed mitigations.

    Great topic! I’d like to know the answer as well. ??

Viewing 3 replies - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.

Tags