WPSec – WordPress Web Application Firewall and Intrusion Prevention System

WPSec – WordPress Web Application Firewall and Intrusion Prevention System


WPSec is a WordPress security suite that contains some essential security tools for any WordPress site. Featuring a Web Application Firewall, Intrusion Prevention System, Rate Limiter and a number of hardening steps; this plugin leaves you in the best position to combat security threats.

Whilst the WAF can defeat dynamic security threats (even before vulnerabilities have been exposed), the Rate Limiter will prevent scanning attacks and brute force attacks. A number of security patches are also applied to WordPress in a bolt-on fashion to protect a number of attack vectors.

This plugin goes beyond what other WordPress security plugins can offer, by offering dynamic security instead of passive attack prevention measures. This plugin will even protect the WordPress core, themes and plugins by enforcing itself as a priority script in WordPress.

Tech Specs:

  • Custom Web Application Firewall with customisable ruleset
  • Comes with 78 Firewall rules
  • Able to block SQL Injection, XSS, CSRF, Arbitrary Code Execution
  • Rate Limiter to block brute force attacks
  • Site wide rate limiting for penetration testing attacks
  • Bolt-on patches to protect the WordPress core
  • Protect against vulnerabilities in third-party themes and plugins
  • Enforces itself as the first loaded plugin and runs scripts before WordPress actions have a chance to kick-in
  • Compatible with and protects third-party plugins (e.g. WooCommerce)


Author Image