Wordfence CLI 2.0.1 Update Adds Free Vulnerability Scanning – WP Tavern

Wordfence CLI 2.0.1 launched free vulnerability scanning this week. The brand new CLI product was launched at WordCamp US two months in the past with malware detection capabilities, however the newest replace brings in essentially the most extremely requested characteristic – vulnerability scanning at scale.

Wordfence is most well-known for its Net Software Firewall, malware scanner, and login safety product, which is packaged as a free plugin and put in on greater than 4 million web sites. The CLI is the first-ever command line malware and vulnerability scanner for WordPress servers. It’s focused at builders, website cleaners who scan massive numbers of information for remediation, companies, and internet hosting firms that wish to scan throughout whole networks of thousands and thousands of shoppers.

“Vulnerability scanning in Wordfence CLI 2.0.1 makes use of our personal open vulnerability database,” Wordfence CEO Mark Maunder stated. “The database itself is totally free for anybody to make use of, and consists of APIs which can be open, together with net hooks in order that builders can construct real-time alerting into their purposes. Our mission is to safe the Net, and we expect that having an open vulnerability database, with an open supply, sturdy and excessive efficiency vulnerability scanner for servers furthers that mission.”

The vulnerability database consists of accountable disclosures revealed by researchers for the advantage of the broader neighborhood.

“As a result of most vulnerabilities come from the analysis neighborhood, we consider they’re public property,” Maunder stated. “Whereas some firms do cost for his or her assortment of vulnerabilities, we don’t suppose it’s acceptable to resell public property, which is why we created an open and fully free vulnerability database.”

The CLI vulnerability scans use the Wordfence Intelligence Vulnerability API feed, which is free for each private and business use. It comprises greater than 12,250 distinctive vulnerability data affecting 7,600 plugins and themes. The Wordfence group provides a mean of 82 new vulnerabilities per week.

Model 2.0.1, code named “Voodoo Youngster” simplifies set up so customers not need to go to the Wordfence website to get an API key. The instrument fetches the API key within the background to make it simpler to get began.

Wordfence CLI is licensed underneath the GPLv3 and available on GitHub, together with documentation for putting in, configuring, and operating the applying.

“Wordfence CLI is a type of initiatives the place the product roadmap writes itself as a result of there may be such an apparent want for a robust instrument like this within the WordPress server administration area,” Wordfence lead developer Matt Barry stated. “We’re on this for the lengthy haul and can proceed to take a position closely in Wordfence CLI, along with your steering.”