Help Documentation

Wordfence plugin documentation and support

Free Support

Support for users of the free version of the plugin is available on our WordPress.org support forum. The majority of requests receive an answer within a few days.
GO TO SUPPORT FORUMS

Access Upgraded Support Now

Our senior support engineers respond to Premium tickets within a few hours on average and have a direct line to our QA and development teams.
UPGRADE WORDFENCE

or log in here

Basic Plugin Settings

Here are our minimal recommended settings to set up once you have installed and activated our plugin.

Here is a blog post explaining why attackers are interested in your site and a quick guide below for our minimal recommended plugin settings.

https://www.wordfence.com/blog/2018/03/ask-wordfence-why-is-an-insignificant-site-like-mine-being-attacked/

There are a lot of options in Wordfence. With some of them you may need to read our documentation if you are not sure what they do. Options have a question mark icon badge that links to our help documentation. You can also ask us for help.

If you have the latest version of Wordfence installed then please open the “All Options” page and use the EXPAND ALL button to expand all sections.

1) In the “Basic Firewall Options” section we recommend the firewall “Protection Level” is set to “Extended Protection” and the “Firewall Status” is set to “Enabled and Protecting”, as long as “Learning Mode” is not required. If the “Protection Level” says “Basic WordPress Protection” then you will see a notification at the top of Wordfence admin pages asking you to optimize the firewall. Once the firewall has been optimized then the “Protection Level” will say “Extended Protection”.

https://www.wordfence.com/help/firewall/optimizing-the-firewall/

If the “Firewall Status” is set to “Learning Mode” then it is important to understand that the firewall rules aren’t protecting your site yet so please read about “Learning Mode” here:

https://www.wordfence.com/help/firewall/learning-mode/

However, other Wordfence protection mechanisms such as the brute force login attack protection rules will still be active in “Learning Mode”.

2) Make sure that Wordfence is correctly detecting visitor IP addresses. In the “General Wordfence Options” section, where it shows an IP address for “Your IP with this setting”, make sure this IP address matches your IP address using this link below:

https://whatismyipaddress.com/

https://www.wordfence.com/help/dashboard/options/#get-ips

3) Configure the brute force login attack protection rules as per our recommended settings here:

https://www.wordfence.com/help/firewall/brute-force/

4) Ensure that daily Wordfence scans are scheduled and are set to the “Standard Scan” mode.

5) We recommend that all users with publishing capability on your site set up two-factor authentication for their accounts.  The settings for this are found on the “Login Security” page:

https://www.wordfence.com/help/tools/two-factor-authentication/

This site uses cookies in accordance with our Privacy Policy.