Pair Networks Blog Security,WordPress Wordfence for Beginners

Wordfence for Beginners

September 27, 2019 | pair | 0 Comment | 2:19 pm

Categories:

wordfence for beginners header graphic with white text against blue fence

Keeping your WordPress website secure should be a top priority. After putting in all that work to design, promote, and launch your WordPress site, you don’t want to lose all of your content in an attack. A simple way to protect your WP site is with the Wordfence security plugin.

What Is Wordfence?

With over 3 million installations, Wordfence is one of the most popular security plugins for WordPress sites. It includes a firewall and malware scanner designed for WordPress. The plugin also comes with a variety of additional features from two-factor authentication to blocking IP addresses. It allows you to manage every aspect of your WordPress security easily. And, there’s a free version so you don’t have to pay extra to keep your site secure.

Advantages of Wordfence

Wordfence comes pre-installed in pair WP hosting plans so, we know one or two things about it. There are many advantages to using the plugin. Essentially, it offers an easy way to implement and manage a large variety of security features:

Firewall

The Wordfence firewall is designed and maintained specifically to protect WordPress sites. The firewall functions to identify and block malicious traffic before it can reach your site. After you enable the Wordfence firewall, your server will deploy the firewall code before it runs your site’s PHP code. This allows the firewall to thoroughly analyze all requests to access your site before any traffic can reach it. The firewall operates extremely fast because it runs before your database connects and your website can load. Potentially harmful traffic gets stopped at the firewall while friendly users and crawlers can continue on to your website with no problems.

Virus Scanner

The Wordfence plugin also comes with a virus scanner, which scans for malicious code in all of your WordPress files. Wordfence scans for several different things including:

Malicious code
Backdoors left behind by hackers
Shells installed by hackers
Known malicious URLs
Known patterns of infections

The scan will also examine your existing posts, pages, and comments for harmful code. You can conduct these scans manually and see the results immediately after the scan is completed. Or you can schedule virus scans in advance and receive the results by email or when you next log into your WordPress site.

File Repair

When you receive your Wordfence scan results, it will tell you what action to take to resolve any issues uncovered during the scan. One of the options includes file repair, which will replace the affected file with an original copy of the file. If you’re worried about losing any custom code you added to the file, you can create a backup before repairing it.

IP Blocking

With Wordfence, you can block suspicious IP addresses. An IP address identifies a specific computer or server connected to the internet. If you notice repeated attempts to hack your site from the same IP address, you can block that address entirely with Wordfence.

Two-factor Authentication

One of the most effective security measures to use on your WordPress site is two-factor authentication. Two-factor authentication requires you to both enter your password and use your phone to verify your identity before logging into your account. You can enable two-factor authentication through the Wordfence plugin.

Email Notifications

Email alerts are another feature of the Wordfence plugin. If your WordPress site is experiencing a security issue, you’ll quickly receive an email alert about the problem from Wordfence. You can configure your alert settings to include notifications when a user is signed in or if there’s an increase in attacks on your site. The email notifications allow you to act quickly in the event of a security emergency.

It’s free!

The Wordfence plugin is free, but a paid version with more advanced features is also available. Wordfence premium is $99 for a whole year and comes with reputation checks and country blocking. Both the free and paid versions are good options for securing your WordPress site.

Getting Started with Wordfence

Wordfence is easy to use and installs the same way as other WordPress plugins.

Step one: Installation

First, log into your WordPress admin account.
Then, navigate to the left-hand menu and choose Plugins > Add New.
Search for wordfence in the plugin search bar.
Find the Wordfence Security – Firewall and Malware Scan plugin in the results and click Install Now.
Once the plugin finishes installing, click on the Activate button (previously the Install Now button).
A popup will then appear where you can enter your email address. This is the address Wordfence will use to send alerts and updates to. Enter your email address and click Continue.
The final popup will ask for your premium license key. If you purchased Wordfence premium, enter the key here. If you want to purchase Wordfence premium, click Upgrade to Premium. And if you want to use the free version, click No Thanks.

Now, you’re all set with the plugin!

Step two: Navigate Settings

Most of the Wordfence defaults shouldn’t require any changes, but there are a few settings that you should update with your preferences. One of the most important things you should do in your Wordfence settings is enable automatic Wordfence updates.

To do this, go to Wordfence > All Options in your dashboard menu. Then, go to Wordfence Global Options > General Wordfence Options. Check the Update Wordfence automatically when a new version is released box to make sure your plugin stays updated. Keeping your plugins upgraded to the latest version is essential to your site’s overall security and performance.

Next, you should verify where you want Wordfence to send email notifications. Go to Wordfence Global Options > General Wordfence Options. You can enter your email address for where to send email alerts here.

Last, you can set up manual or automatic scans in the Scan Options > Scan Scheduling dashboard. By default, your scans should be enabled to run automatically. This allows Wordfence to run the scans when they choose, which is usually once a day.

Step three: Your First Scan

When you’re ready to run your first Wordfence scan, go to Wordfence > Scan on your WordPress dashboard. It should give you the option for a tour of the plugin. Just click next to get the tour or close out of the tour popup. Then, click Start New Scan and wait for it to finish scanning your site. It will tell you when the scan is complete so then you can scroll down to the Results Found tab. In the results section of your scan, you can see what issues the scan uncovered and what you can do to fix them.

Step four: Enable Firewall

By default, the Wordfence firewall should be enabled to run as a WordPress plugin or Basic WordPress Protection. If you want to make the firewall more secure, you can switch to Extended Protection. With Extended Protection, the firewall will deploy before your PHP files. To turn on Extended Protection, go to Wordfence > Firewall and click the Manage Firewall button. Then, click on the Optimize the Wordfence Firewall button. A popup will appear with a lot of text that you should read if you have more than one WordPress installation running on your site. If not, click Download .htaccess then click Continue. Another popup should appear to tell you that you were successful, which you can close out of.

Now, you should be good to go with WordPress security! All you have to do now is pay attention to any Wordfence security alerts and issues that may arise. You can also continue exploring other security features that come with Wordfence like two-factor authentication.

All pair WP hosting plans come with Wordfence pre-installed! Get started today for only $14.95/month!

Tags: security, wordfence, wordpress plugin

Woman looking confidently at laptop with a secondary monitor to her left. Office colleagues in the background

An Introduction to Secure Sockets Layer (SSL) Certificates — a Website Must An Introduction to Secure Sockets Layer (SSL) Certificates — a Website Must

June 4, 2022 | Leslie Mcilroy | 0 Comment

Ever wonder how websites help keep hackers from stealing private information, like your credit card number or passwords? The answer: SSL. SSL, or Secure Sockets Layer, is a security protocol

3 Tips to Improve Your WordPress Site3 Tips to Improve Your WordPress Site

December 7, 2021 | pair | 0 Comment

WordPress runs most of the internet, and the platform really offers some great tools for creating a quality site. How do you take your site to the next level, though?

2023 Malware Survival Guide2023 Malware Survival Guide

June 1, 2022 | Leslie Mcilroy | 0 Comment

“Malicious” + “Software” = Malware Malware is essentially the same as a human virus. It’s an umbrella term for malicious or intrusive software that a computer can catch from an

Carmella W.

“Professional, helpful and understanding. They went out of their way to ensure that the job was completed correctly.”

-Carmella W.

Customer since 2013

Nancy R.

“I have been a pair customer since 2000. They have always been wonderful to me.”

-Nancy R.

Customer since 2000

Will S.

“Your technician researched to understand what caused our problem, rather than just doing the simpler solution that I thought I needed. This produced a better result. I am VERY happy with his support.”

-Will S.

Customer since 1996

Robert M.

“Smart people and great service from the first contact to today.”

-Robert M.

Customer since 1998

Michelle H.

“Very satisfied. The customer service person who assisted me was polite, courteous and very well versed in the problems I called about. I stay with pair because of the excellent customer service.”

-Michelle H.

Customer since 2006

Amira G.

“pair has maintained high standards and fantastic customer service and care for so many years running.”

-Amira G.

Customer since 1999

Luke T.

“I was impressed by the speed of response, and the ‘human-ness’ that came through in it.”

-Luke T.

Rod T.

“I consider your company at least one step above the rest of webhosts”

-Rod T.

Customer since 2008

Kraig B.

“I really appreciate that the support staff is responsive 24/7, as this issue was raised nighttime on a weekend. That’s one thing I’ve enjoyed about working with pair, is that support happens quickly when it’s needed, rather than when it’s convenient for the provider.”

-Kraig B.

Customer since 2008

Pat C.

“The service was very quick and the issue was solved promptly.”

-Pat C.

Customer since 2003

Ed C.

“Your service ranks in the top of all providers of the 21st Century.”

-Ed C.

pair Domains customer

Eric R.

“I got exactly what I needed, quickly and accurately.”

-Eric R.

Customer since 2001

Jeff

“Very quick, very thorough, very helpful.”

-Jeff