How To Set Up The WordFence Security Plugin

Protecting your blog from hackers is your number 1 priority over the content. Many blogs get hacked because of poor security. Even blogs that you take offline for a few days or months while you focus on a different blog can get hacked even though it’s not updated. This is why you should secure your blog. I have blogged about how to secure a blog and briefly mentioned the WordFence Security plugin; this blog post will walk you through setting it up.

Let’s start with adding the plugin to your blog. Search for it and click install:

wordfence security

If you are completely new to WordPress and not sure how to install a plugin, follow this guide below for instructions:

If you are receiving the following notification below then you know you have installed the plugin correctly.

WordFence Warning pop up

Keep in mind that your web host can help with security on their end. A secured server is a bonus on top of this plugin. I have listed certain Web Hosts that I recommend to everyone.

Click on the configure button to being setting up the plugin for the best security of your blog. You should be on the following page.

Wordfence first settings

Click on the continue button as the plugin will scan and recommend the best server configuration for you based on your host. The next page will have you Backup a file before you can continue on with the settings. The reason for this plugin forces you to download this file is because the plugin writes text into the file. In case something happens, you can delete the plugin via. FTP plugins folder and upload your copy of the .htacess file you saved before editing the plugin. It’s a fail safe but I never have any issues.

wordfence htaccess

You don’t have to upgrade to the premium version. I do have a premium license but showing you the free version.

A look at more options I enabled as a Premium member.
WordFence Premium

WordFence Options

Navigate to the options settings tab to begin editing the settings. See the image below for the details.

WordFence Basic Options

There is a bit left in this first half of the options settings page. Click save after you make the following changes but stay on this page as there are another batch of settings to click.

WordFence IP Settings

Wordfence Advanced Options

I enabled the email summary because I am a stats guy and this can be a very useful piece of information for optimizing traffic on your blog.

email summary

We are now getting into the inner workings of this plugin and the security settings that are most important.

Wordfence Scans To Include

More goodies to enable.

WordFence Scan Images

Some sections I am skipping as the default setting is the best setting. Getting back to the next section to enable settings on:

login security options

This is the last section to edit for the options page. Make sure you hit save changes at the button of this page.
Last set of wordfence

Live Traffic Tab

I love this section as you can block IP’s or a whole network. If an IP visits my blog over and over, I just block the network after checking the IP to make sure it’s not a search engine bot. You can even view which page or directory that IP is trying to access. For example if it’s trying to view your plugins directory or your admin account, you should block the network as it’s a hacking attempt in real time.

live traffic stats

FireWall Protection

An important setting that you need to enable. Select Enable and Protecting in the image below. Make sure you save changes on this page. This only setting to enable, the other tabs leave as default settings.

firewall settings

These are the recommended settings WPOutcast uses for this plugin. Upgrading to a premium version will give you the ability to block any country that you want to plus other good settings.

Next Up To Read:

If this blog post has been helpful, consider sharing it online with your followers.


Leave a Reply

(Cloudways) Managed Cloud Hosting For WordPress Starting at $7/moFree Trial Available!
+ +