Posted by Phi.
After a few recent hacks, we decided to improve the security measures on our WordPress sites. One of those was using an online scanning service called WebsiteDefender (www.websitedefender.com). WebsiteDefender is a free (for now) online service that scans your website for malicious code, audits your site for security issue, and alerts you if there is any suspicious activity.
On the WordPress side of things, they have a plugin, which gives you more security features that are WordPress related. For instance, it will tell you if your wp-admin/ has the wrong permissions and requires a chmod. Installing the plugin is not required in order for WebsiteDefender to work.
The essence of WebsiteDefender lies in the scanning service. Just sign up on their website, add your website to your account, and you are ready to go. However, take the extra step of uploading a secure file, known as the “agent”, to your site. The agent will allow the scanning service to do a more thorough scan of your website by looking through code and not just examining the HTML.
Currently, WebsiteDefender is free, but in beta. Once they move out of beta, it will be a paid service (for a price we have not been given yet). My major gripe with the service right now (and I understand they are in beta), is the lack of control and real-time feedback on scanning. Scans are only once a week and uou can’t schedule your scans. Also, you don’t know when your scans are occurring, only after it has completed. It would be great to have this sort of feature built into the service.
As we dig deeper into this service, I’ll post some updates. For now, check out WebsiteDefender and let me know what you think!