Even if both plugins are considered WordPress Security plugins, WordFence and Hide My WP work together without any issue and both will add security layers on your websites, stopping the hackers’ attacks and preventing data loss.
- Both plugins are free and used successfully by many companies around the globe.
- Both plugins load fast and work with SEO and Cache plugins.
- Both plugins work on all types of servers.
- Hide My WP works as security through obscurity and prevents access to vulnerable files and paths.
- Wordfence works like a firewall to prevent Brute Force attacks and virus injections and more.
Wordfence runs at the endpoint, your server, providing better protection than cloud alternatives. Cloud firewalls can be bypassed and have historically suffered from data leaks. Wordfence firewall leverages user identity information in over 85% of our firewall rules, something cloud firewalls don’t have access to. And our firewall doesn’t need to break end-to-end encryption like cloud solutions.
- Web Application Firewall identifies and blocks malicious traffic. Built and maintained by a large team focused 100% on WordPress security.
- [Premium] Real-time firewall rule and malware signature updates via the Threat Defense Feed (free version is delayed by 30 days).
- [Premium] Real-time IP Blacklist blocks all requests from the most malicious IPs, protecting your site while reducing load.
- Protects your site at the endpoint, enabling deep integration with WordPress. Unlike cloud alternatives does not break encryption, cannot be bypassed and cannot leak data.
- Integrated malware scanner blocks requests that include malicious code or content.
- Protection from brute force attacks by limiting login attempts.
WORDPRESS SECURITY SCANNER
- Malware scanner checks core files, themes and plugins for malware, bad URLs, backdoors, SEO spam, malicious redirects and code injections.
- [Premium] Real-time malware signature updates via the Threat Defense Feed (free version is delayed by 30 days).
- Compares your core files, themes and plugins with what is in the WordPress.org repository, checking their integrity and reporting any changes to you.
- Repair files that have changed by overwriting them with a pristine, original version. Delete any files that don’t belong easily within the Wordfence interface.
- Checks your site for known security vulnerabilities and alerts you to any issues. Also alerts you to potential security issues when a plugin has been closed or abandoned.
- Checks your content safety by scanning file contents, posts and comments for dangerous URLs and suspicious content.
- [Premium] Checks to see if your site or IP have been blacklisted for malicious activity, generating spam or other security issue.
- Two-factor authentication (2FA), one of the most secure forms of remote system authentication available via any TOTP-based authenticator app or service.
- Login Page CAPTCHA stops bots from logging in.
- Disable or add 2FA to XML-RPC.
- Block logins for administrators using known compromised passwords.
- Wordfence Central is a powerful and efficient way to manage the security for multiple sites in one place.
- Efficiently assess the security status of all your websites in one view. View detailed security findings without leaving Wordfence Central.
- Powerful templates make configuring Wordfence a breeze.
- Highly configurable alerts can be delivered via email, SMS or Slack. Improve the signal to noise ratio by leveraging severity level options and a daily digest option.
- Track and alert on important security events including administrator logins, breached password usage and surges in attack activity.
- Free to use for unlimited sites.
- With Live Traffic, monitor visits and hack attempts not shown in other analytics packages in real time; including origin, their IP address, the time of day and time spent on your site.
- Block attackers by IP or build advanced rules based on IP Range, Hostname, User Agent and Referrer.
- Country blocking available with Wordfence Premium.
Hide My WP Features:
Hide My WP Ghost works as security through obscurity solution for WordPress websites.
Security through obscurity is one of the best solutions against hacker bots and one of the best ways to protect vulnerable plugins and themes.
SECURITY THROUGH OBSCURITY:
- Hide WordPress wp-admin URL and redirect it to 404 page or a custom page
- Hide WordPress wp-login.php and redirect it to 404 page or a custom page
- Change the wp-admin and wp-login URLs
- Change lost password URL
- Change register URL
- Change logout URL
- Change admin-ajax URL
- Change wp-content URL
- Change wp-includes URL
- Change comments URL
- Change author URL
- Change plugins name URL
- Change themes name URL
- Change category URL
- Change tags URL
HIDE WORDPRESS CMS:
- Hide WordPress HTML comments
- Hide Version and WordPress Tags
- Hide DNS Prefetch WordPress link
- Hide WordPress Generator Meta
- Hide RSD (Really Simple Directory) header
- Hide Emojicons if you don’t use them
- Disable XML-RPC access
- Disable Embed scripts
- Disable DB-Debug in Frontend
- Disable WLW Manifest scripts
BRUTE FORCE PROTECTION:
- Brute Force with Math Captcha and reCaptcha
- Website Security Check with over 30 signals
- Free weekly security check and reports
- Backup and Restore settings
- Fix relative URLs
- Change classes using Text Mapping from HTML code
- Cache CSS, JS and Images to optimize the loading speed
Compatible with: WP Multisite, Apache, Litespeed, Nginx and IIS.
Plugins Compatibility updates: W3 Total Cache, WP Super Cache, WP Fastest Cache, Cache Enabler, CDN Enabler,
WOT Cache, Autoptimize, Jetpack by WordPress, Contact Form 7, bbPress, All In One SEO, Yoast SEO, Squirrly SEO,
WP-Rocket, Minify HTML, iThemes Security, Sucuri Security, Back-Up WordPress, Elementor Page Builder,
Weglot Translate, AddToAny Share Btn
Hosting Compatibility checked: WP Engine, Inmotion Hosting, Hostgator Hosting, Godaddy Hosting, Host1plus,
Payperhost, Fastcomet, Dreamhost, Bitnami Apache, Bitnami Nginx, Google Cloud Hosting
Let us know what you think about these plugins.