Wordfence security is one of the only free security plug-ins that are almost equal or in some cases, better that those that you have to pay for. It gives a variety of features and is perfect for securing your website. However they offer an additional premium API key that would enable the user to access advanced scanning capabilities.
Amongst other things, it includes a firewall and an anti-virus scanning for your WordPress website. It has an impressive and unmatched list of features which includes options for scanning core files, posts, comments, themes, signatures and tracking common malware and phishing URLs in the posts while at the same time reporting for Trojans, security threats, backdoors and any suspicious code.
Unlike other security plug-ins, Wordfence security is fully compatible with multi-sites so much so that it lets you scan all posts and comments across all blogs from one admin panel. Another brownie point goes for its feature that not only gives you the functionalities of a typical firewall, i.e., blocking common security threats, malicious scans, bots etc but provides for an option wherein you can choose if you want to block or throttle users and robots that frequently break your security rules.
It also gives you the option of hiding certain information which you do not want WordPress to publish. Usually, Wordfence will suggest what information to hide so as to strengthen your security. However, the additional features like real time traffic monitoring given by this security plug-in are what give it an edge above the others.
The fact that it takes too much memory space while scanning can be called a flaw only if you find a security plugin that doesn’t. With a constant developer support and regular updates that include latest security features, Wordfence can easily be called the one of the best WordPress plugins available in the market.