WordPress Security Plugins Review - WordFence, Cerber, Sucuri, iThemes Security, and more!

just to make sure I understand, is Wordfence free version perfectly fine or is the paid version needed in your opinion?

I understand what you're saying about ease of use and all, but as an example, in the Bulletproof Security demo, you literally pressed the "stop scan" button and then complained that the plugin didn't find anything. I felt that way during most of the presentation, where you basically had an opinion about each plugin before you even used it, and then didn't actually look deep enough because you already formed an opinion. You did the same thing with Cerber, where you stopped looking for the scanner WAY too easily (it's right in the link called "site integrity" by the way ... not too hard to find). I'm sorry to be critical, but next time, maybe spend more time with less plugins. I feel like I wasted my time watching this video, because you basically gave your favorite tools without making a great case against the ones you didn't care for.

Any thoughts on CleanTalk?

WP Cerber > Site Integrity (=scan)

Although you might say its not necessary but i want to know; Will there be a problem if I use paid Sucuri + WPCerber both in 1 website?

Please make a video comparing Wordfence , WPCerber, Sucuri from non techie point of view. Which one is easiest to use ? Example if there is an attack a non techie can get clean up from Sucuri expert so does this really help Non-techie? Are other plugins useful for Non-technical people (Cerber/wordfence)? Because not everyone can understand weather the code is malicious or not & they may delete essential files.

Use paid plugin features for comparison if possible.

Interesting review. What do you think about this combination: Ithemes as checklist + Ninjafirewall + sucuri online malware scanner ?

Would combine all 3 you stated. I heard only good about ninjafirewall, but im no expert. Furthermore i read an article of a german security expert who said that Ninjafirewall blocked some attacks, that wordfence didn't. He recommended ninjafirewall over wordfence.

Biggest issue with Wordfence FREE is that the firewall and protection updates are delayed 30 days. As such it does nothing to protect your site against 0 day exploits, and by the time a protection update is released, the vendor as always often patched the problem weeks earlier.


Hence it's largely useless unless you want to toss $99 USD a year at it out of the box on a whim.

Great Advice

Thanks for this. It's WordFence for me too for the same reasons. I have cleared up hacked sites for clients not on our care plan and every time WordFence found positives that others didn't. I have used these hacked sites to evaluate other plugins.

I also took WordFence off 3 sites to to try alternative scanner and firewall and 2 were hacked within 2 months. These were the first hacks I had personally had of sites I managed.

The only downside is the high server resources WordFence uses, but I am I happy to accept that on balance.

I don't remember Cerber in Appsumo. The two I remember is Malcare & WebARX.
And Malcare is superb!

What's your thought on Shield Security?