• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Home
  • Privacy Policy
  • Terms of Use
  • FTC Statement
  • Sitemap
  • About and Contact

Build A WordPress Website

Using WordPress as a Content Management System and Blog

  • Home
  • WordPress Install
    • WordPress Hosting
    • An Easy Way to Install a WordPress Website
  • WordPress Setup
    • Getting the WordPress Options Right
  • WordPress Plugins
    • WordPress CMS Plugins
    • WordPress SEO Plugins
  • WordPress Themes
    • Free WordPress CMS Themes
    • WordPress CMS Themes
    • Basic Theme Header Changes
  • Manual
    • Choose between Pages or Posts
  • Resources
You are here: Home / WordPress Plugins / Secure Your WordPress Website with Wordfence

Secure Your WordPress Website with Wordfence

Filed Under: WordPress Plugins June 7, 2013

Even though some people will tell you that WordPress is insecure, you should know that the core of WordPress is one of the most secure open source content management systems there is today.

Even the latest hack attempts were not targeted to the software itself. It was an attack by sending brute-force password hack attempts for default users names and weak passwords. So make sure you don't use admin as your administrator username and have a good strong password. If you want to learn more about those attacks, read WordPress Security Attacks and Solutions.

To secure your site there is one plugin that I highly recommend. It will check and monitor your WordPress website, it's called Wordfence.

Wordfence Security Plugin

Wordfence is free and you can get it for your WordPress security by following these steps:

  • Sign in to your WordPress website.
  • Go to your “Plugins” menu and click “Add New”.
  • Enter “Wordfence” in the search box.
  • Install Wordfence and set your options.

To set the Options, go to the Wordfence plugin options choice.

Advertisements

WordPress Security Options from Wordfence

In the settings screen you get large screen with a lot of options!

Start with the basics and set your email address and the option on How does Wordfence get IP's. Save the changes.

Wordfence Basic Options

Now lets see what else you need to set, most of the options can remain as offered by the standard installation.

There are only a few things that I change:

  • Disable the Life Traffic View options
  • Set Scan theme files and plugins files against repository to enabled
  • Enable the Firewall rules and set the block fake crawlers option to active
  • Under Other Options put in your own IP address to the Whitelist
  • I choose not to set the option to Participate in the Wordfence Security Network, but that is just my personal choice

Save all the options you have set, and run a first scan.

Working with WordPress Security Alerts

After the scan is complete you will get some WordPress security notifications, especially if you have the option active to scan plugin files against the repository.

Wordfence security alert notification

You have several options on how to proceed with this notification.

It depends on the severity of the problem and on what kind of file it is.

In this case I only check to See how the file has changed to make sure it is just a minor change, if that is the case I choose to Restore the original version of the file. Wordfence will then get the file from the repository and overwrite your current file.

Most of these kind of notifications will be around readme files, so no problem there. After the check, do the restore to prevent a new notification next time the scan runs.

Since I do run Dutch websites I also get errors on language settings, in that case I will choose to Ignore until the file changes.

Check out the options and see if you want to use by the options mentioned before and run a scan on your own site. You will see that Wordfence will monitor your site and scan it once a day (free version) and send you an notification if somethings changes.

I even got a Warning: * Your DNS records have changed notification today after my hosting (aff) company replaced some servers and had to change the IP addresses…

Wordfence Drawbacks

So this Wordfence plugin sounds great, but is there a down side to it?

Yes there is, but its minor. It has to do with the database tables it uses. As you can see they can grow pretty large.

wordfence database tables

Here are the same tables after optimization with the WP-Optimize Plugin.

Wordfence database tables optimized

Still pretty large right? I did not see any performance problems though and I do think that these tables will improve over time.

Nothing to worry about directly, but certainly something to look out for and do preventive maintenance on your database. You can also choose to not back-up these tables if you run into trouble with your back-up files.

Despite this drawback I do recommend your install, configure and use Wordfence to secure your WordPress website!

Advertisements
Affiliate Link Disclosures

Others also read:

  1. How to Secure Your WordPress Website – The Basics
  2. 20 Basic WordPress Plugins for Your WordPress Website
  3. How to Install 21 WordPress Plugins in 5 Minutes
  4. How To Speed Up WordPress on Your Website the Easy Way

By Herbert-Jan van Dinther Filed Under: WordPress Plugins Tagged With: Plugins, Security, wordpress 1 Comment

Top WordPress Hosting Company

HostGator.com

Start Your Own WordPress Website

To get started you need:
    1. Get Website Hosting from Greengeeks.com and use their easy WordPress installation script.
    2. Get a Cool WordPress Theme! I recommend themes from StudioPress.com and Elegant Themes
    P.S. This site is build with Genesis and Metro Theme from StudioPress.com.
3. Configure your WordPress settings and plugins and start writing...

Reader Interactions

Comments

  1. zoranc says

    April 1, 2014 at 12:32 am

    Hey guys,I just released a free, open source extension for the wordfence security plugin that creates a Live Traffic admin dashboard widget using the wordfence functionality. It is hosted in the official WordPress.org plugin repository so you can just search for it from your admin dashboard.You can check out the full plugin description and screenshots in the link provided

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Advertisements
Elegant Themes - Premium WordPress Themes

Get Free Updates!

New Articles right into your inbox, sign up for free now!

P.s. I won't Spam You or Sale Your Mail Address

FTC Disclosure

Disclosure: Please assume that any outbound link is an affiliate link, which means we may receive a commission in the event you click a link and make a purchase. Just so you know, affiliate links do not result in you paying a penny more. Read more...

Start Your WordPress Site!

Get your own WordPress site started::
  • 1. Get Website Hosting.from GreenGeeks.com and use their easy WordPress installation script.
  • 2. Get a Cool WordPress Theme, I recommend themes from
    StudioPress.com and Elegant Themes
  • P.S. This site is build on Metro by StudioPress.

Popular Articles

  • 7 Tips to Customize WordPress Twenty Eleven Theme
  • How To Make WordPress Look Like a Website
  • How to Build a WordPress Website
  • How To Upgrade Old Version of WordPress
  • WordPress Introduction
  • Basic Theme Header Changes
  • An Easy Way to Install a WordPress Website
Advertisements
Elegant Themes - Premium WordPress Themes

Topics

  • Weblog News
  • WordPress Blog
  • WordPress CMS
  • WordPress Plugins
  • WordPress SEO
  • WordPress Setup
  • WordPress Themes
  • WordPress Video

Footer

Most recent Articles

  • Spice Up Your Site With WordPress Shortcodes Ultimate
  • Keeping WordPress Up To Date and Secure
  • How To Upgrade Old Version of WordPress
  • 20 Basic WordPress Plugins for Your WordPress Website
  • 7 Tips to Customize WordPress Twenty Eleven Theme

StudioPress WP Themes

Advertisements
StudioPress Theme of the Month

WordPress Themes

Elegant Themes
StudioPress.com
ThemeForest
Mojo Themes

Copyright © 2023 Build a WordPress Website · Design Metro Theme by StudioPress