By Gary Nugent


BlogDefender was originally launched in 2012 to meet the need for training on how to protect WordPress blogs from unwanted attacks from hackers. For 2014, the product has been revamped, taking account of how WordPress has changed over the last 2 years and how hackers methodologies have changed in that time as well.

WordPress users, and the hackers to target WordPress blogs, are in an escalating arms race to control those blogs. Webmasters do what they can to keep the hackers out. Hackers, for their part, are always looking for new vulnerabilities to exploit to hijack blogs for their own ends.

As an analogy, you can think of hackers as burglars and WordPress security plugins and strategies as burglar alarms/protection systems. Many webmasters, even today, still don’t employ any methods of protecting their sites, mostly because they’re completely unaware of how insecure their sites are, though there’s also a measure of complacency in some quarters.

To address the general lack of concise information about WordPress security, BlogDefender was created.

What’s In The Course


There are 19 videos looking at all aspects of site security from site backups to installing particular plugins to checking blogs for various vulnerabilities.

Videos are presented in a single window with a scrollbar below that contains thumbnails of each video. Moving a horizontal scrollbar allows you to navigate to the chosen video. If you play a video, the next one in sequence will automatically play for you.

BlogDefender Members Area
BlogDefender’s Member Area showing how videos are laid out

I had some problems playing the videos in Firefox but I think that was down to some hiccup in Firefox itself. When I restarted the browser, the videos played fine. However, watching in Chrome presented its own problems. Audio was fine, but the video froze so was, ultimately, unwatchable. Videos played without problems in Internet Explorer.

Other Materials

Part of the course is provided in a Zip file which expands out into 15 folders on your PC. Some of these contain additional PDFs; the remainder contain readme text files and links to various products or resources. I would much rather if all the resources had been made accessible from a single “Resources” page on the BlogDefender site, and broken into sections for easy reference. Plus, if any of these links change or the list of resources needs to be updated, what’s in your PC will go out of date.

Course Content Quality

The information presented in the course is rock solid. Be aware though, that hardening a blog is somewhat technical in nature but for anyone familiar with installing/uninstalling plugins and editing the odd WordPress file, this will not present a problem. Hardening a blog will take time though – that’s just the nature of the business.

I don’t agree with a recommendation not to use caching plugins like W3 Total Cache or WP Super Cache on sites. Reference is made to vulnerabilities in both these plugins that were a problem a year ago, but those have long since been plugged. Without a caching plugin, your site will load more slowly. If your pages (especially your home page) doesn’t load in 2 seconds or less, Google will downgrade your site somewhat. More to the point, the short attention spans of visitors means they won’t wait around for your pages to load. So you have to balance not using caching plugins against your site’s speed and any concern that those plugins could be a security issue in themselves (I use caching plugins on all my sites).


So is BlogDefender worth buying? Frankly, it is. It shows you how to secure your blogs using a mix of plugins, tweaks and strategies that take different approaches to securing different aspects of your blog. Used in conjunction (as they should be) means your blog will be much better protected against a variety of attacks.

BlogDefender LogoI use a slightly different mix of plugins for securing my own sites and those of clients, though there’s probably 70-80% in common between my and BlogDefender’s methodologies.

Is securing a site really necessary? Should you put in the extra time and effort to secure your blogs? Well, that’s down to you. If you value the sites you’ve built and the time and resources you put into them, then it does make sense to protect them as much as possible. One thing I can say is that the cost of recovering a hacked blog far exceeds the cost of BlogDefender, so the course is well worth the expense.

Visit the official site to learn more about BlogDefender.

Next Article: Why GoDaddy May No Longer Be The Go-To Place For Domain Names

Tagged with:

Filed under: WordPress Security