Suspicious

Please click the usernames in the reviews to verify who they are before making baseless accusations.

The ‘ads’ you receive are actually alert emails that you chose to receive from your website. They contain a small footer reminding you that you’re using the free version of our plugin.

Any suspicious login attempt we show you includes the IP address. You can use the WHOIS facility we include to find out exactly which network that IP address is on and contact the ‘abuse’ email for that network to report the attacker. It would be both stupid and criminal (according to the CFAA act) for us to send fake hack attempts.

Kind regards,

Mark.

“Please click the usernames in the reviews to verify who they are before making baseless accusations”

I didn’t base anything on usernames or reviews, just my little 2 month experience with the plugin and my 15 years of Web Development.

I’m very familiar with WHOIS and Proxies.

Wordfence might work well for many, but from what i’ve experienced, i’m steering clear of it.

I wonder if with the collection of reviews that this plugin has generated, now they’re adjusting things to push sales?

Hmmmmm, that would be a tactic. I uninstalled this.

So… you’ve not really found any problem with the plugin, you just think that your suspicions of “tactics” rates a 1 star?

I didn’t base my review on usernames or reviews, just my little 2 month experience with the plugin and years of experience with wordpress and other plugins.

I did base my initial decision to try this plugin on the reviews here. Like many types of products, plugins, etc… at many different types of websites, reviews are very helpful and usually point us to the right thing. 9 times out of 10 i select well because of the reviews.

I feel a slight duty to contribute to reviews as much and as honestly as i can. I’m in debt to the reviews, so i slowly work on paying that back with reviews. Most of the time i agree with the reviews, this time i honestly didn’t.

After installation of this plugin, i started getting regular hack attempts. This only happened on the 1 of 15 wordpress sites that i installed Wordfence on. I started getting regular ads set to me. It seemed like Wordfence was persistent about letting me know that there is a paid version and that i’m still vulnerable to known problems because i only have the free version. Half a remedy is still only half. The only potential complete security solution Wordfence has is $39 a year.

“A Premium Wordfence license also includes remote scanning with each scan of your site which can detect several additional website infections.”

So I tightened security a bit more but still had these issues. The thing that finally pushed me to remove Wordfence was my hosting provider notifying me that a suspicious upload was detected, trying to upload to the Wordfence folder. My hosting provider blocked it.

All of these problems were solved with the uninstallation of Wordfence.

In theory Wordfence sounds great. I liked what i read about it. Wordfence might work well for many, but from what i’ve experienced, i’m steering clear of it. This is just my honest opinion, i don’t work for any plugin or security companies, i’m just someone who builds and manages websites.

Well Mr. 15yrs web development I’ll see your experience and raise you a decade at MSFT.

Your inexperience with WP led you to believe that sometime around when you were playing with your website blackhats found your URL and started pinging it, so you correlated the plugin to the issue. It doesn’t take long between installing, registering a domain and it being probed.

I run 36 paying production WP sites all protected by the free version, all pass audits for the feds (as needed) and I have no problems, nor have we seen WF trying to scare you into premium. I have actual dedicated servers and not shared hosting or under-the-desk sandboxes.

lol, If you really had that experience you’d understand the value of honest reviews.

Honest reviews are only honest if you did your due diligence instead of asserting a conspiracy that doesn’t have any supporting facts.

Please show us where the plugin caused your site to be probed. Wireshark logs perhaps?

Analogscott,

I had the exact same question.

It seems completely logical to wonder if, by presenting the admin with a log many attempted “attacks,” WF hopes that you will buy the paid version.

I do not have a way to find out if this is a sales tactic, but I had the same thought. I have the P/U installed on one of my sites and each time I recv a warning email, so I just wonder…

For those critical of comments like mine, I beg you to consider that this is an honest inquiry, not a condemning of the p/u. It is not a “baseless” “conspiracy” theory, but an honest and sincere question.

I wouldn’t put it past anyone to try but tbh because of how prevalent wordpress is online its highly ordinary to see attempts to access your website once you enable the means to log the attempts.

If you installed wordpress I give it 1 week tops before your domain has been probed by ‘someone’. Once they start they never stop.