How to install and set up Wordfence Security in WordPress
This tutorial assumes that you are already logged in to the WordPress admin panel as the admin user.
Now Let’s learn How to install and set up Wordfence Security plugin in WordPress.
Wordfence Security plugin helps you in detecting and protecting your WordPress installation from intrusions and security risks.
Point the mouse on Plugins and then click on Add New menu.
In Search Plugins window, search Wordfence Security.
We have searched the plugin here.
Now, Click on Install Now button.
That’s it! You have successfully installed the Wordfence Security plugin.
Click on Activate button in order to activate the plugin.
The Wordfence Security plugin is activated now.
Point the mouse on Wordefence option and then click on Dashboard menu.
Fix them accordingly.
The Dashboard shows the recent issues and the update notifications.
Since we are using free edition of the plugin not all features are available.
To upgrade to the paid edition of the plugin , click on Upgrade to Premium button.
Click on Scan menu.
To run a security scan of your current WordPress installation click on START A WODEFENCE SCAN button.
Once the scan has completed, you’ll be notified of the results.
Click on Scheduling tab.
Scan scheduling option is available only with Premium version of the plugin.
Click on Options tab.
Configure the scan options as per your needs or keep them as it is.
Click on SAVE OPTIONS button.
Click on Firewall menu.
Click on Optimize the Wordefence Firewall button.
Wordfence plugin has scanned and selected the server configuration automatically.
you can also use the dropdown menu to select an alternative setup.
You can select the set up as per your server configuration.
Let’s configure the plugin now.
Click on Continue button.
Click on Download.htaccess button to download the file as a backup.
Click on Continue button.
Now, click on SAVE button.
At the bottom of the page , configure Whitelist URLs (which will not be tested by the Firewall) and configure Advanced Settings.
Click on Bruteforce Protection tab.
Configure the Brute Force Protection settings as per your requirements or keep them as it is.
Click on SAVE OPTIONS button.
Click on Rate Limiting tab.
Configure the options as per your needs or keep them as it is.
Click on SAVE OPTIONS button.
Click on Blocking menu.
In order to remove the blocked IPs, click on Clear all blocked IP addresses link.
To remove the locked out IPs click on Clear all locked out IP addresses link.
To block an IP fill it in Manually block IP window and click on the button near the window.
In order to view the blocked IPs and locked IPs, click on respected windows.
Country Blocking option is available in Wordfence premium version only.
We will skip the Country Blocking option.
Options under Advanced Blocking tab helps to block IP ranges, hostnames, user agents and referrers.
Configure the options as per your needs.
Click on Live Traffic menu.
The Live Traffic menu helps to view real-time updates on IP addresses accessing your website and IPs that are being blocked by Wordfence.
Click on Advanced Blocking tab.
Click on Tools menu.
Password Auditing is available for Premium Members only so we will skip it.
Click on Whois Lookup tab.
Whois Lookup tool helps to view domain/IP owner’s details.
Type in a domain name or IP in window and then click on Look up IP or Domain button.
Click on Cellphone Sign-In tab.
We will skip this tool as its available for only Paid version of Wordfence.
Click on Diagnostics tab.
The Diagnostics tab helps to identify any configuration, permissions issues in your WordPress installation.
Click on Options menu.
The Wordfence Options page shows all the options plus other additional option from the other menus that we have already configured.
Once you are done with configuring the options, scroll down to the bottom of the page.
Click on SAVE OPTIONS button.
That’s it, You have successfully configured the Wordfence Security plugin.
This is the end of this tutorial. You now know how to install and set up Wordfence Security plugin in WordPress.