How to Setup the Wordfence Security Options
In this section of the guide to Wordfence Security?, we take a look at how to set the options so that you get the best out of the Plugin.
Step 1) Login to the WordPress Dashboard.
Step 2) You will find the Wordfence Options page but clicking on Wordfence on the Left-hand sidebar of the Dashboard, and then by clicking on Options at the bottom of the dropdown.
Every site is given a Wordfence API Key, and if you pay $39 a year, you can upgrade to a Premium Key, the features of which we will still cover throughout the guide.
The basic options enable Firewall, Login Security and Live Traffic view. These should all be enabled. The Login Security options can be altered later on the page. Live traffic viewing means that Wordfence will be logging the security details on your site in real-time, which you can view at any time.
Step 3) Enabling automatic scans is a good way to ensure that your site is regularly scanned. There is always the chance that you will forget if you opt to do manual checks. Setting the level of protection will determine how often scans take place on your site. Medium Protection is the recommended option.
Step 4) The Advanced Options section starts with the type of alerts that you can receive by email. It is recommended that you set as many as you can so that you are notified is any security issues arise. You can also set the number of alerts you can receive per hour, which is useful if a lot of people are signing in to your site and you have the notifications set to let you know when this happens.
Step 5) The Live Traffic View is a great way to see who is logging in to your site, but it can give inaccurate stats if you don’t exclude your Admin and publishers on the site. Add the usernames to ignore in this section to give more accurate live traffic stats.
Step 6) Wordfence scans will look for a multitude of different issues, including dangerous URLs, suspicious content and more. Check the boxes you feel are most important for you to feature in the scans.
Step 7) Setting your Firewall Rules will seek out crawlers who may be looking to hack or are acting suspiciously. You can set these rules to throw users out of the site if they are constantly hitting 404 pages or their page views are hitting a suspiciously high number. You can also block them altogether by changing the Throttle it box to Block it.
Step 8) The Login Security Options are an essential part of maintaining security on your site. You can set the options to lock out users who fail to login after a number of attempts or whom forget their password on a series of occasions. The amount of time they are locked out from can also be changed, and can vary from 5 minutes to 60 days. The more of these boxes you tick, the less likely you are to be attacked by suspicious users.
Step 9) On the Other Options section, you can whitelist users so that they can bypass all the rules of Wordfence Security. This is a good idea if you have more than one Admin, but should only be used if 100% necessary. You can also hold anonymous comments using member emails for moderation, filter comments for phising URLs and malware and various other options.
The next step of the guide will focus on How to Setup a Wordfence Security Scan.