I understand what you're saying about ease of use and all, but as an example, in the Bulletproof Security demo, you literally pressed the "stop scan" button and then complained that the plugin didn't find anything. I felt that way during most of the presentation, where you basically had an opinion about each plugin before you even used it, and then didn't actually look deep enough because you already formed an opinion. You did the same thing with Cerber, where you stopped looking for the scanner WAY too easily (it's right in the link called "site integrity" by the way ... not too hard to find). I'm sorry to be critical, but next time, maybe spend more time with less plugins. I feel like I wasted my time watching this video, because you basically gave your favorite tools without making a great case against the ones you didn't care for.
Just tried Malcare and absolutely didn't like it. Non-WordPress UI that itself feels like malware, hahaha. Slow scan and didn't find the threats that WordFence did.
Please make a video comparing Wordfence , WPCerber, Sucuri from non techie point of view. Which one is easiest to use ? Example if there is an attack a non techie can get clean up from Sucuri expert so does this really help Non-techie? Are other plugins useful for Non-technical people (Cerber/wordfence)? Because not everyone can understand weather the code is malicious or not & they may delete essential files. Use paid plugin features for comparison if possible.
Biggest issue with Wordfence FREE is that the firewall and protection updates are delayed 30 days. As such it does nothing to protect your site against 0 day exploits, and by the time a protection update is released, the vendor as always often patched the problem weeks earlier. Hence it's largely useless unless you want to toss $99 USD a year at it out of the box on a whim.
Hmmmm...your statement doesn't make sense. Firewall protection is live. You can't have 30-day delayed firewall as attacks have to be turned away live. 30-day delay on signature protection doesn't even sound that bad because even if it doesn't detect the vulnerability, it WILL detect malware and outside files being introduced into your directories. You're welcome to send me official links on this if you have any.
@@WPJohnny I see your point, however if it's a new exploit (lets take the TRXAddon one, or a new SQLi attack). If the firewall doesn't know about it, because its a 0 day attack, then the attacker just goes straight through the firewall. That said Wordfence with a subscription solves that.
@@WPJohnny Just to clarify more... remember that a firewall isn't just a firewall. There are various types. Most "firewalls" operate on OSI layers 3 or 4, whereas Wordfence operates only on layer 7 (application layer). Wordfence: Web Appplication Firewall (Layer 7) Most other firewalls: Network Layer or Stateful Packet Inspection (Layers 3 and 4). A Layer 7 firewall lagging in definitions means your exposure is directly at a file and application level.
I understand firewall protection across various network layers. And also your point about day 0 attacks. I'm happy with WordFence free. Yes, it cannot secure above the application layer but that's why our web servers have firewalls. The most powerful DDOS attacks are targeted and do not happen much to my clients. I host several hundred of them around the world. The breaches that DO happen are often injections and backdoors, and for those WordFence has been essential at resolving. For my real world use...WordFence is the best. Even its free version.
I understand what you're saying about ease of use and all, but as an example, in the Bulletproof Security demo, you literally pressed the "stop scan" button and then complained that the plugin didn't find anything. I felt that way during most of the presentation, where you basically had an opinion about each plugin before you even used it, and then didn't actually look deep enough because you already formed an opinion. You did the same thing with Cerber, where you stopped looking for the scanner WAY too easily (it's right in the link called "site integrity" by the way ... not too hard to find). I'm sorry to be critical, but next time, maybe spend more time with less plugins. I feel like I wasted my time watching this video, because you basically gave your favorite tools without making a great case against the ones you didn't care for.
11:31 its really I can't find it right now! good comedian!
hahahah!
just to make sure I understand, is Wordfence free version perfectly fine or is the paid version needed in your opinion?
Great Advice
Thanks
I don't remember Cerber in Appsumo. The two I remember is Malcare & WebARX.
And Malcare is superb!
Hey, you're probably right. I do remember WebARX in Appsumo for sure..maybe I mixed them. :)
Just tried Malcare and absolutely didn't like it. Non-WordPress UI that itself feels like malware, hahaha. Slow scan and didn't find the threats that WordFence did.
Please make a video comparing Wordfence , WPCerber, Sucuri from non techie point of view. Which one is easiest to use ? Example if there is an attack a non techie can get clean up from Sucuri expert so does this really help Non-techie? Are other plugins useful for Non-technical people (Cerber/wordfence)? Because not everyone can understand weather the code is malicious or not & they may delete essential files.
Use paid plugin features for comparison if possible.
If you want easiest method, install WordFence or Sucuri but hire a developer to do cleanup whenever you have issues.
@@WPJohnny Will Sucuri expert help Non-techie to clean up after raising Ticket? I thought this is what they advertise.
Thanks for reply
Seems to me you should be asking them. I don't work for Sucuri.
WP Cerber > Site Integrity (=scan)
Biggest issue with Wordfence FREE is that the firewall and protection updates are delayed 30 days. As such it does nothing to protect your site against 0 day exploits, and by the time a protection update is released, the vendor as always often patched the problem weeks earlier.
Hence it's largely useless unless you want to toss $99 USD a year at it out of the box on a whim.
Hmmmm...your statement doesn't make sense. Firewall protection is live. You can't have 30-day delayed firewall as attacks have to be turned away live. 30-day delay on signature protection doesn't even sound that bad because even if it doesn't detect the vulnerability, it WILL detect malware and outside files being introduced into your directories. You're welcome to send me official links on this if you have any.
@@WPJohnny I see your point, however if it's a new exploit (lets take the TRXAddon one, or a new SQLi attack). If the firewall doesn't know about it, because its a 0 day attack, then the attacker just goes straight through the firewall.
That said Wordfence with a subscription solves that.
@@WPJohnny Just to clarify more... remember that a firewall isn't just a firewall. There are various types.
Most "firewalls" operate on OSI layers 3 or 4, whereas Wordfence operates only on layer 7 (application layer).
Wordfence: Web Appplication Firewall (Layer 7)
Most other firewalls: Network Layer or Stateful Packet Inspection (Layers 3 and 4).
A Layer 7 firewall lagging in definitions means your exposure is directly at a file and application level.
I understand firewall protection across various network layers. And also your point about day 0 attacks. I'm happy with WordFence free. Yes, it cannot secure above the application layer but that's why our web servers have firewalls. The most powerful DDOS attacks are targeted and do not happen much to my clients. I host several hundred of them around the world. The breaches that DO happen are often injections and backdoors, and for those WordFence has been essential at resolving. For my real world use...WordFence is the best. Even its free version.
Any thoughts on CleanTalk?
My clients love it, but I hate how it slows down the site. I understand the convenience but you can manage the same thing in other ways.
@@WPJohnny What is your suggestion for the BuddyBoss platform?
Although you might say its not necessary but i want to know; Will there be a problem if I use paid Sucuri + WPCerber both in 1 website?
Try and see for yourself. I don’t think there’s an issue if that’s what you really want to do.
What's your thought on Shield Security?
Link me
WPJohnny - wordpress.org/plugins/wp-simple-firewall/ I had it recommended on WordPress security forum but curious as to your perspective.
Thanks for recommending it. I can check it out soon.