via pluginvulnerabilities.com => original post link
It’s common for critics of the Wordfence Security plugin to claim it isn’t useful unless you are using the companion Wordfence Premium service because new rules for the firewall are only provided to paying customers for the first 30 days after they are created, so free users won’t be protected against getting hacked. Like so much security advice, that isn’t backed with evidence supporting it. There turn out to be multiple serious problems with that claim.
One problem being that the plugin provides a fair amount of protection through what we refer to as general protection, which doesn’t require a rule written for a specific vulnerability. It doesn’t provide as much as the best WordPress firewall plugins do, though. [Read more]