Protecting your blog from hackers is your number 1 priority over the content. Many blogs get hacked because of poor security. Even blogs that you take offline for a few days or months while you focus on a different blog can get hacked even though it’s not updated. This is why you should secure your blog. I have blogged about how to secure a blog and briefly mentioned the WordFence Security plugin; this blog post will walk you through setting it up.
Let’s start with adding the plugin to your blog. Search for it and click install:
If you are completely new to WordPress and not sure how to install a plugin, follow this guide below for instructions:
If you are receiving the following notification below then you know you have installed the plugin correctly.
Keep in mind that your web host can help with security on their end. A secured server is a bonus on top of this plugin. I have listed certain Web Hosts that I recommend to everyone.
Click on the configure button to being setting up the plugin for the best security of your blog. You should be on the following page.
Click on the continue button as the plugin will scan and recommend the best server configuration for you based on your host. The next page will have you Backup a file before you can continue on with the settings. The reason for this plugin forces you to download this file is because the plugin writes text into the file. In case something happens, you can delete the plugin via. FTP plugins folder and upload your copy of the .htacess file you saved before editing the plugin. It’s a fail safe but I never have any issues.
You don’t have to upgrade to the premium version. I do have a premium license but showing you the free version.
A look at more options I enabled as a Premium member.
Navigate to the options settings tab to begin editing the settings. See the image below for the details.
There is a bit left in this first half of the options settings page. Click save after you make the following changes but stay on this page as there are another batch of settings to click.
I enabled the email summary because I am a stats guy and this can be a very useful piece of information for optimizing traffic on your blog.
We are now getting into the inner workings of this plugin and the security settings that are most important.
More goodies to enable.
Some sections I am skipping as the default setting is the best setting. Getting back to the next section to enable settings on:
This is the last section to edit for the options page. Make sure you hit save changes at the button of this page.
Live Traffic Tab
I love this section as you can block IP’s or a whole network. If an IP visits my blog over and over, I just block the network after checking the IP to make sure it’s not a search engine bot. You can even view which page or directory that IP is trying to access. For example if it’s trying to view your plugins directory or your admin account, you should block the network as it’s a hacking attempt in real time.
An important setting that you need to enable. Select Enable and Protecting in the image below. Make sure you save changes on this page. This only setting to enable, the other tabs leave as default settings.
These are the recommended settings WPOutcast uses for this plugin. Upgrading to a premium version will give you the ability to block any country that you want to plus other good settings.
Next Up To Read:
If this blog post has been helpful, consider sharing it online with your followers.