WordFence Under The Hood

Learn the biggest strengths and weaknesses of WordFence in a direct comparison with the market

WordFence Overview

Created in 2011 as the first security plugin for WordPress, WordFence has steadily grown in popularity with time. WordFence's core security solution is to discover newly published, or actively exploited security vulnerabilities, investigate them, create custom "virtual patches" to block exploitation of the vulnerabilities and push them to paying customers. Their free customers then receive the patches 30 days later.

The WordFence approach is a black-list or block-list approach. WordFence blocks everything that looks like SQL injection or Cross-Site Scripting (XSS), plus anything it has a specific signature for, and then allows everything else. This creates a data problem for WordFence: it can only block things it already knows about and has developed rules and patches for, leaving websites vulnerable while patches are developed.

BitFire Overview

Recently funded in January 2023, BitFire is a new startup in the security space and is the first Runtime Application Self Protection (RASP) solution for WordPress. The BitFire solution is to white-list or allow-list good traffic and block everything else. This creates the inverse data problem of WordFence: it must know what all "good traffic" is in order to block everything else.

BitFire has 2 unique features, bot blocking and RASP, in addition to the standard WAF (SQLi, XSS, XXE, CSRF, etc.) most security solutions provide. Effective bot blocking is crucial since 99.9% of hacks are completely automated. This is because web tools like ZMap can scan the entire Internet looking for vulnerable websites in under a day.

To stop automated tools like ZMap and ZGrab, BitFire maintains a list of over 600 known good bots, such as search engines and SEO tools, and can verify them with network authentication. This means that an attacker would have to both impersonate GoogleBot AND launch the attack from Google's campus in Silicon Valley to bypass the bot blocking. In addition to authenticating robots, BitFire authenticates humans as well, with a JavaScript challenge that verifies that a request claiming to come from a web browser really comes from a web browser and not from an automated attack tool.
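The network-authentication step described above, as an added example that is not BitFire's own code: it assumes the check is forward-confirmed reverse DNS (the method the major search engines document for verifying their crawlers) and uses a hypothetical two-entry allow-list plus constructed DNS data so it runs offline.

```python
import ipaddress
import socket
from typing import Callable, Iterable
# Hypothetical allow-list: crawler name -> domains a genuine host of that
# crawler must sit under after reverse DNS. Real lists are much larger.
KNOWN_BOTS = {"googlebot": ("googlebot.com", "google.com"),
              "bingbot": ("search.msn.com",)}

def _under_domain(host: str, domains: Iterable[str]) -> bool:
    host = host.rstrip(".").lower()
    # Require a real subdomain so that "fake-googlebot.com" does not pass.
    return any(host == d or host.endswith("." + d) for d in domains)

def verify_bot(ip: str, claimed_bot: str,
               reverse_lookup: Callable[[str], str] = lambda a: socket.gethostbyaddr(a)[0],
               forward_lookup: Callable[[str], Iterable[str]] = lambda h: socket.gethostbyname_ex(h)[2]) -> bool:
    # Forward-confirmed reverse DNS: the PTR name must belong to the claimed
    # crawler's domain AND resolve back to the same address.
    domains = KNOWN_BOTS.get(claimed_bot.lower())
    if domains is None:
        return False                         # unknown bot names are never trusted
    try:
        ip = str(ipaddress.ip_address(ip))   # normalise, reject malformed input
        host = reverse_lookup(ip)
    except (ValueError, OSError):
        return False                         # bad address or no PTR record
    if not _under_domain(host, domains):
        return False
    try:
        confirmed = set(forward_lookup(host))
    except OSError:
        return False
    # Anyone controls the PTR of their own address space; only the A record of
    # the crawler's real domain, which they do not control, closes the loop.
    return ip in confirmed

# Constructed sample DNS data (RFC 5737 documentation ranges, not real crawlers).
SAMPLE_PTR = {"192.0.2.10": "crawl-192-0-2-10.googlebot.com",   # genuine
              "203.0.113.5": "fake-googlebot.com",              # look-alike domain
              "203.0.113.7": "crawl-192-0-2-10.googlebot.com"}  # forged PTR, real name
SAMPLE_A = {"crawl-192-0-2-10.googlebot.com": ["192.0.2.10"],
            "fake-googlebot.com": ["203.0.113.5"]}

def sample_reverse(ip: str) -> str:
    if ip not in SAMPLE_PTR:
        raise socket.herror("no PTR record")  # same error the OS resolver raises
    return SAMPLE_PTR[ip]

def sample_forward(host: str) -> Iterable[str]:
    return SAMPLE_A.get(host, [])
```

Call `verify_bot(ip, "googlebot")` without the last two arguments to use the system resolver; the forged-PTR case is the one a plain reverse lookup would get wrong.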

Finally, BitFire's RASP layer integrates directly with the PHP runtime, monitoring all database, network and filesystem access. This allows BitFire to prevent any security vulnerability from uploading malware, adding backdoor accounts to the database, or using the network to attack other systems (SSRF).

| Feature | WordFence | BitFire 3.6.1 |
| --- | --- | --- |
| Performance | Adds 44% to page build time: 685,416 of 2,197,485 microseconds of WordPress load time | Adds 1% to page build time: 16,016 of 1,528,085 microseconds of WordPress load time |
| Memory | Adds 125% to memory use: 4,884 KB of 8,671 KB needed for WordPress; 128 MB minimum | Adds 0.01% to memory use: 58K of 3,798 KB needed for WordPress; 1 MB minimum |
| Malware scanning | Often misses custom malware; long memory- and CPU-intensive process | Finds all redirects and dynamic code execution; 10,000 files per minute, low memory footprint, 2.5 million malware domains |
| Blocking fake/attack bots | WordFence has no bot controls | Identifies and validates 600+ good bots with network authentication and blocks everything else |
| Reflected XSS | Blocks all known forms of reflected XSS | Blocks all known forms of reflected XSS |
| Injections | Blocks many injections (nested-comment regex bypass) | Blocks all injections (SQL query parsing catches more attacks) |
| PHP deserialization object injection | Blocks previously known object injections | Blocks all PHP object injections |
| Authentication | 2-factor authentication, login verification, brute-force lockout | 2-factor authentication, login verification |
| Centralized management | Allows monitoring multiple websites from wordfence.com | Each website can only be managed by authenticated local users |
| Specific vulnerability patching | WordFence blocks ~200 specific known vulnerabilities | BitFire allows only known-good traffic and uses no blacklists |
| File RASP | WordFence cannot lock PHP files against modification | Secures all your PHP files against hackers and malware |
| Database RASP | WordFence has no database access controls | Secures your database credentials against hackers and malware |
| Network RASP | WordFence does not inspect network traffic | Prevents Server Side Request Forgery and TOCTOU vulnerabilities |
| Content Security Policy | WordFence does not support browser Content Security Policy | Creates automated Content Security Policies to protect client browsers |

WordFence is the most popular security tool for WordPress. What does it actually do?

WordFence boasts over 4,000,000 installs as the most popular security plugin on the planet. This is largely because users have no real way to evaluate security quality, so they tend to go along with what is popular. And so WordFence, being the first security plugin available, became the dominant force in the industry.

WordFence has 4 versions it ships to customers. The commercial version, which retails for $120 USD / year, is their primary product. The firewall ships with about 200 unique rules and 40,000 IPs that block specific plugin exploits of known security vulnerabilities and known or suspected attack IPs.

If your website is being attacked from one of these IP addresses, or you are running a vulnerable version of a plugin they have a virtual patch for, WordFence can prevent your website from being hacked in those cases.

What about unknown vulnerabilities or other IP addresses?

There are over 6,500 known WordPress plugin and theme vulnerabilities; WordFence can protect you from the 200 most recent, about 3.0% of known vulnerabilities, and from 40,000, or 0.00009%, of the 4,228,250,625 IPv4 addresses.

To WordFence's credit, they do a lot of security research and often discover these vulnerabilities themselves. Also, the 200 or so vulnerabilities that they block tend to be the most current, actively exploited vulnerabilities. But they are playing a losing game: no matter how fast they research and develop custom rules for newly discovered vulnerabilities, they often only discover the issue after customer exploitation has occurred and malware is infecting client systems.

Until a new custom rule is created and pushed to their customers, your site is vulnerable. This is why WordFence charges clients an additional $500 or $1,000 to clean malware that the WordFence software allowed to infect the site.

By contrast, BitFire guarantees the security of the RASP system and will not only clean any malware infecting a RASP-protected system free of charge, but fully refund the purchase price of the 1-year license.

Is WordFence worth the 120 USD?

If you plan to use WordFence for your website security, we HIGHLY recommend you use the paid version. The free version of WordFence only pushes new rules to free customers after 30 days, and free customers do not benefit from the IP block list, greatly reducing the benefit of the software.

By the time 30 days have passed, a vulnerable website has already been exploited. This is because web scanners like ZGrab and others can scan the entire Internet looking for vulnerable systems to exploit in under a day from a single machine. That's right: 4,228,250,625 web sites scanned per day from a single machine.

By the time the new rules are published to your website, you have already been hacked.

Is BitFire worth its $132 USD price?

Properly configured BitFire Bot Control is enough to protect most WordPress websites. Customers looking for guaranteed protection and peace of mind, without worrying about possibly spending an additional $500 to $1,000 USD to clean up a malware infection in the event their security software fails, should consider purchasing a BitFire RASP license to protect their websites.

Need help securing a website?

The only thing we love more than security is helping people. Send a message to our chat room with the form below and someone will reach out shortly to help with any security challenge you may face.