Why Ninja Firewall Is The Best Firewall for WordPress
There are several firewall and security plugins for WordPress. For me, the best choices are Wordfence, The Shield, and Ninja Firewall. The order is random, please don’t get me wrong on this.
Wordfence is the most popular plugin by FAR, with some 4 million installations. It is a truly remarkable plugin that generously provides a lot of features in the free version, like full WAF and Rate Limiting. The support at WordPress.org is also very good.
What I don’t like about Wordfence is that it can put a lot of stress on your server CPU and database under certain circumstances. Wordfence is also a bit sensitive with other plugins and conflicts can occur. Also, I’m not sure that Wordfence is completely compliant with GDPR and other privacy laws, even if you disable one or two features.
The Shield is a popular plugin with over 50,000 active installations. My feelings about The Shield are mixed because we were using it in 2019 when we were hacked from some plugin called “Yuzo Related”. The Shield has totally failed to protect us.
But several years have passed since 2019 and I’m pretty sure The Shield has become better and several new features were added, like Crowdsec support. Compared with Wordfence, the free version of The Shield is somehow limited in features. For example, Rate Limiting is available only for their Pro version. Some kind of Advanced Blocking doesn’t exist at all, even in the Pro version. The support at WordPress.org is good but sometimes a bit snobbish for my taste.
Ninja Firewall (WP Edition) has been running here since 2019 after we suffered from the “Yuzo Related” hack. I have never had any issues or problems with that plugin. According to WordPress.org, the plugin has some 90,000+ active installations.
But what makes Ninja Firewall the best? Two things: SPEED and GDPR. Ninja Firewall is VERY FAST, even when under attack because everything is done locally with its optimized full WAF code.
Doing everything locally also fully respects any privacy laws like GDPR. Not to mention that their support at WordPress.org is very good.
I can spot a few things missing from their free version, mainly the ability to manually BLOCK something, an IP, a range of IPs etc. Also, Ninja Firewall automatic blocks do not “last”, I mean if some IP is blocked it will not be blocked for a period of time.
BUT Ninja Firewall for WordPress can be easily extended for free using their own .htninja configuration file
More on this in another article ….
So Ninja Firewall is the BEST firewall and security plugin because it just WORKS as expected, it is very fast, it is fully GDPR compliant and doesn’t interfere with other plugins you may have (including page caching plugins).
Wordfence creates an issue with some link/page that Google picks up and report it as a problem in Google webmaster accounts.
The pages are /?wordfence_lh=something and from i read it comes from Live Traffic view.
I do remember also my WP site been hacked using Yuzo related. I think that plugin was used in 60.000+ websites or so.