Wordfence is a free plugin you can use in your WordPress site to scan for hacked files and to monitor the access of visitors to your site. You do not need to enter an API key in the "API Key" field for the free version; however, not all the functions are available for free. This article will explain the basic free functions of WordFence and how to use the Scanning, IP Blocking, Live Traffic view, and more.

Installing the WordFence plugin

  1. Log into the WordPress Dashboard.
  2. Install the WordFence pluginGo to Plugins and click Add New. Type security in the Search Plugins box and find the WordFence Plugin.
  3. Tour the WordFence pluginOnce you activate the plugin you will see a "Congratulations" box with a Start Tour button.

    You can watch the tour or just click close.

WordFence Options

WordFence has the ability to Scan your files, Watch your visitors live, block IP's, automate scanning and more. Below are the features in WordFence.

Note! Not all features are for free with WordFence. For example, Country Blocking and Scan Schedule are only for paid WordFence customers.

WordFence Basic options
Alerts Allows the administrator to be emailed when an alert happens.
Live Traffic View You can view your traffic while it occurs on your site with the Live traffic view feature.
Scans to include You can scan specific areas of your WordPress site with the Scans to include feature.
Firewall Rules This section allows you to restrict access to your WordPress in the event your site gets attacked. Important! Make sure you have your email address as the administrators emails address in the event your get locked out of your WordPress dashboard. This feature will email the administrators emails address with the information to get you back in your WordPress Dashboard.
Login Security Options Allows you to lock out a "bot" or user that is trying to "Brute Force Attack" the login on your WordPress.
Other Options You can set memory options an other debugging settings for WordFence in the "Other Options."

Scanning your WordPress site

Scan your files WordFenceThe first this you will want to do is scan the WordPress site.You will now have a section in your WordPress Dashboard specific for WordFence. Go to the WordFence section and click Scan.

Scan resultes WordFenceWhen you start a scan with WordFence, you will see the status and what is being scanned in the Scan Summary window. You can also view the Scan Detailed Summary during the scan. Any failures in the security scan will show in the results.

Viewing Live Traffic

View Live traffic WordFenceNext, you can look at the "Live Traffic" of those who are visiting your website as they are browsing yoru site. This is especially good for security because you can see the Hacker IP address and other information if they are on the site.

Visitors information WordFenceThe image to the right shows what a visitor looks like in your WordFence plugin. The name, IP, Hostname, browser type, and more can be ascertained from the "Live Traffic View".

Manually blocking IP addresses

Block IPs in WordFenceIn the WordFence plugin section, click the Blocked IP's link. You can add IP addresses to your WordFence plugin to restrict access from those addresses. IP blocks are go to prevent Brute Force attacks on your WordPress logins.

Whois look up by IP or Domain

WHOIS lookup in WordFencehe WHOIS lookup in the WordFence section is used for looking up where a domain or an IP address is from. You can get the country the domain or IP address is from and then use the IP blocking feature in WordFence to block the IP.

Did you find this article helpful?

We value your feedback!

Why was this article not helpful? (Check all that apply)
The article is too difficult or too technical to follow.
There is a step or detail missing from the instructions.
The information is incorrect or out-of-date.
It does not resolve the question/problem I have.
How did you find this article?
Please tell us how we can improve our Support Center:
Email Address
Optional, but our team may contact you for more information.
Like this Article?

Post a Comment

Name:
Email Address:
Comment:
Are you a bot?
Submit

Please note: Your name and comment will be displayed, but we will not show your email address.

Write New!
Do you want to publish a tutorial to our support center?

News / Announcements

SSL Certficate Warnings
Updated 2014-04-14 11:34 am EST
Hits: 2226
Heartbleed 0-day OpenSSL security bug
Updated 2014-04-14 04:43 pm EST
Hits: 5647

Related Questions

Here are a few questions related to this article that our customers have asked:
Ooops! It looks like there are no questions about this page.
Would you like to ask a question about this page? If so, click the button below!
Ask a Question

Need more Help?

Search

Ask the Community!

Get help with your questions from our community of like-minded hosting users and InMotion Hosting Staff.

Current Customers

Chat: Click to Chat Now E-mail: support@InMotionHosting.com
Call: 888-321-HOST (4678) Ticket: Submit a Support Ticket

Not a Customer?

Get web hosting from a company that is here to help. Sign up today!