We provide both firewall and scanning/alerting functionality which work in concert to provide a more secure WordPress website. So back to the original poster's question, we do provide a firewall and we go deeper than that because we have access to inspect site code, search for malware, find vulnerabilities in code during our scans, do deep inspection of both the filesystem and the database and provide alerting and reporting to give our customers a more secure site.
@perezbox We're not patching PHP code, so that's not an issue. We instead provide firewall functionality so that if someone uses the attack vector I mentioned they're blocked before it hits the vulnerable plugin.
That blog entry installs a vulnerable WP system and then tries to protect it with security plugins using only firewall functionality. The real world scenario is that a WP admin is getting alerted by our plugin that they have out of date themes, plugins or core components or vulnerabilities on their site and they upgrade them or close the holes while we simultaneously provide firewall functionality to prevent exploitation of selected security holes - and as a last resort if a site does get hacked we'll detect that and help you fix it.
From the blog entry it doesn't appear that a Wordfence scan was done, either scheduled-daily or manual, which likely would have provided insight into vulnerabilities on the site.
This is appearing on our support forum - I do understand you found it via another route though. So lets cut this short here - I think the original poster's question has been answered. We're always interested in outside perspectives and you're welcome to email me at mark at wordfence.com to continue the conversation.
Regards,
Mark Maunder - Wordfence Founder.