After building my new WordPress vulnerability database project, I wanted to make it easier for people to use. It’s taken some effort to get all the bits-and-pieces put together, but Vulnz is now ready for public use. Phew.
WordPress vulnerability database? Sounds boring
My original goal was to build an open source web app that can track multiple WordPress websites, and issue an easy-to-use weekly security report. This was always more about the reporting website vulnerabilities in such a way that makes them easy to fix. The core Vulnz system has been monitoring sites on Headwall Hosting for a couple of months now, and it’s working well.
But the core Vulnz system is somewhat technical to set up & maintain. So I set about creating a subscription service that any WordPress professional can use.
The Vulnz.net SaaS
It took a couple of weeks to build, stealing time between customer projects and web-server admin tasks. But I’m happy with the result.
It’s essentially a WordPress/WooCommerce website that handles SEO, customer dashboards and subscription management. This links to the back-end Vulnz server, which handles the day-to-day tasks of collating data and generating reports.
Doesn’t Wordfence already do this?
In short, sort-of it does. But I wanted to take a different approach. Wordfence is a big WordPress plugin, and it can bloat a website’s database to massive proportions. As a hosting provider, I like to keep my databases lean and fast. Anything I can do to reduce bloat, is something I’ll explore. That said, Vulnz is only about vulnerability monitoring, and helping my clients reduce their websites’ attack surface area. There’s a load of stuff Wordfence does that Vulnz doesn’t do.
If you’ve got 5-100 websites to look after, receiving a weekly report that says “These 5 sites have this plugin that’s known to be vulnerable – patch it or update it now” is a massive win.
Oh, and if you’re a Headwall Hosting customer, Vulnz is built into your hosting account 👍