In this tutorial you will learn, How to make secure your wordpress website from atackers using wordpress plugin Wordfence Security.
Short Description of Wordfence security Plugin
Wordfence security plugin have an excellent malware scanner and firewall, that provide full protection of your website from top to bottom. Wordfence also includes Login Security, Wordfence central and security Tools. Malware scanner in wordfence checks wordpress themes, plugins for malware, bad URLs, SEO spam,backdoors, Core files, malicious redirects and code injections. WAP Firewall identifies and blocks malicious traffic , its also protect you from brute force attack. It’s login security feature provide 2FA security authentication and login page captcha that stops bots from logging in. You can also manage multiple sites security from one place using wordfence central, most important thing its free to use for unlimited sites. As well as wordfence also provide security tools like, With Live Traffic, monitor visits and hack attempt. You can block attackers by IP address or set different rules to block any spamer.
How to install/integrate Wordfence plugin in WordPress
To install Wordfence plugin in wordpress, fisrt of all open your wordpress dashboard, go to “Plugins>> Add New”. Check Following screen short
After go to “Plugins>> Add New” , Type “Wordfence” in Plugin Search Box. Like following Screenshot. Now click on “Install Now>>Active” to activate the plugin.
Now a screen will be open where you can enter Wordfence premium license key, if you don’t have license key, you can purchase it by click on “Upgrade to premium” .
If you want to use free version of Wordfence, click on “No Thanks”. check following screenshot
Now your Wordfence plugin have been installed succesfully. For going to Wordfence Dashboard. Check your left menu bar of your wordpress dashboard, in this menu you will see an element with the name of “Wordfence”. Now click on “Wordfence>>Dashboard” for visiting wordfence dashboard. check the following screenshot
After click on “Wordfence>>Dashboard” , you can see wordfence security plugin dashboard. It will look like following screenshot
Wordfence FireWall Setting
Before setting Firewall it’s important to have some knowledge about Firewall. A firewall is a network security system that controls outgoing and incomming network traffic, on the bases of security. A firewall usaually establishes a barrier between a trusted internal network and non-trusted external network, such as the Internet. Firewalls protect you from unauthorized internet users from accessing private networks connected to the internet.
To setting and managing firewall in wordfence, first of go to Wordfence>>Firewall, See Following screenshot to help
After going to “Wordfence>>Firewall”, You will see a dashboard look like following screenshot. Here You can see “Manage Firewall” Button . Click on this button.
After click on “Manage Firewall” Button , You will see a FireWall options page. Scroll down it, you will see something like following screenshot. Here you can see Web Application Firewall Status drop Down. It’s on “learning Mode”. Set this mode in “Enabled and Protecting”.
Check Following Screenshots for help
You can see more Firewall options here ” Advanced Firewall Options, Brute Force Protection, Rate Limiting, Whitelisted URLs” . You can change these according to your requirement. But, I recommened you that default setting is better.
Wordfence Scan your website automatically in and send notifications, To check scan notifications goto “Wordfence>>scan” ,. Check following screenshot
Here you can also start new scan for your website manually by click on “Start New Scan” button. You can also manage scan options by click on “Scan Options and Scheduling”. A process Look Like following screen shot will be start, when you’ll click on “Start New Scan”
To check wordfence tools, go to “Wordfence>>Tools”. Here you can see Wordfence Tools Dashboard. The Given Tools are
Live Traffic Logging:
Wordfence Traffic shows you what is heppening on your website in real-time,hack attempts, including user logins, and requests that were blocked by the Firewall.
The whois looup service gives you a way to look up who owns an IP address or domain name that is visiting your website in malicious activity on your website.
It’s use to clone one site’s Wordfence configuration to another Site .
Wordfence Login Security
Goto “wordfence>>Login Security” In wordfence login security wordfence give you an option, 2-steps authentication factor (2FA) Security.
To activate 2FA-security using wordfence. download and install an authenticator app in your mobile. Scan the bar with your authenticator app to add this account.
I recommend you “Google Authenticator” app because it’s best authenticator app, App Link
After scan and adding the account in your mobile app, Enter Code from your authenticator App. See the following screenshot for help.
As well as you can also download recovery codes from wordfence, in case of, if you lose access to your authenticator device.
Note: If you have any confusion or problem related to this tutorial or you have any other wordpress related problem. You can comment below. we will try to answer your comments as soon as possible.