Go To Catalyst Inc

WordPress security is not good enough, says Belfast web expert


Although WordPress powers more than 25 per cent of all websites, WordPress security plugins are clunky and notorious for taking websites down. Computer scientist and entrepreneur Paul Goodchild, from Belfast, is on a mission to make a quarter of the world’s websites more secure and easier to manage.

Criminal and malicious hacking impacts 10 million websites a year. Hackers will take sites over and mask them as phishing sites, or embed spam links, or just cause destruction for the fun of it. SMEs don’t typically have a strong grasp of security and why they need it.


Paul said, “Lacking robustness in their architecture, the WordPress plugins that companies use to protect their sites from malicious attacks can render their websites completely unusable. When this happens, someone with a lot of IT experience is required to fix it. My clients were coming to me with common breakages, so I decided to build a better security solution.”

Paul’s single-founder business, Fernleaf Systems, sells products for three functions for WordPress sites: a single control dashboard for managing multiple sites, a backup solution based on FTP that’s superior to typical WordPress backup, and his new security plug-in, The Shield. Revenues have increased by 55 per cent in the past 12 months.

The Shield is a completely free plug-in that anyone can download here and use. It sufficiently impressed the judges of the #INVENT2016 Awards and is now a finalist in the Enterprise Software category. Ranked 4.9 out of 5 stars by its users, it spikes at 12,000 downloads per day and has had nearly 1m downloads in total.


The Shield is based on a lightweight but robust security solution, making it simple to take back control of a site after an attack. A full list of features of The Shield are available online here, but its strengths include a "Super Security Admin" - where the plugin protects itself against tampering either by other code or admins who don't know how to use security plugins, IP Black Listing to block repeat offenders, protection against brute force login attacks, 100% comment spam protection by automated bots, and no site lock-outs.


But the real potential of The Shield could be its ability to protect more than one site at a time. Paul said, “My vision is to create the first scaled-up security plug-in for WordPress.”

The scaled up version (while monetising the plugin) would enable website managers to control security for several sites at once. “It doesn’t make sense that the bots and the hackers are scaled, but security isn’t. A single security control is missing in the WordPress ecosystem – I want to change that,” said Paul.

Not one to put the cart before the horse, and with revenue rolling in from the management and backup side of his business, Paul indicates he plans to build the scaled version of The Shield before seeking funding that would enable him to take it to market. He aims to have a first version ready this winter. “When we do seek funding it will probably be in the region of £250,000, to cover marketing and development costs,” he concluded.

comments powered by Disqus


TECHWATCH mailing list

* indicates required



This app restores calm in a stressful world

This app restores calm in a stressful world

added Tuesday, September 20 2016

Software News
The picture of overall health goes beyond meds alone
Software News
Leading Belfast VR filmmaker immerses us in his world
Virtual reality News