WordPress Plugin feature: Wordfence Website SecurityFebruary 10, 2017 - By Shaun Buckle
How important is your website to your business? What would it mean if your website was compromised or you lost it completely? Website security is something everyone is aware of but is still often overlooked, even when simple measures can help towards keeping your website safe.
One such measure is the WordPress Plugin; Wordfence. If you have a WordPress website and you don’t have Wordfence (or an equivalent website security plugin) installed, stop reading this article and install it! Wordfence comes in a Free & Premium version but even if you don’t want to pay for Premium, the Free version is worth downloading.
Wordfence Website Security (Free): What is it?
Wordfence (Free) includes key features that help provide extra security to your website:
- A Web Application Firewall to protect against unwanted attackers
- A Malware Scanner to check if any malicious code has been injected into your website
- Live Traffic Reports so you can keep an eye on who is coming in and out of your system
- A File Repairer to fix any files that have been tampered with.
Web Application Firewall
Wordfence uses a constantly updated Threat Feed to protect your website from malicious traffic. New attack patterns are added into the feed as soon as they are found. This keeps your website protected from the latest threats. To get the firewall running on your website all you need to do is have Wordfence installed and it will automatically activate it.
Malware Scanner & File Repairer
If you believe your website has been compromised, you can run the Malware Scanner to compare your files to the official WordPress repo’s. This can even be done if it happened before you installed Wordfence. The scanner will alert you if any plugin, theme or core WordPress files have been tampered with. You can then use the Wordfence File Repairer to clean them, matching them back up to the repo.
The Dashboard & Live Traffic Reports
Understanding who is accessing and attempting to access your website and knowing if they are a User or a Bot can be useful information if you are wanting to take matters into your own hands. For example; If you notice that you are getting unusually high amounts of failed login attempts on a username that you use to access your dashboard, perhaps think about changing that username (We recommend not using common usernames like ‘admin’). Another example would be if those failed login attempts were coming from the same IP address you could block that IP address from your website.
Why Go Premium
There are a few reasons you might want to choose to go Premium. You might want to bolster the login screen with text message sign-in. Having the Threat Feed be updated to the second may be important to you or being able to block access to the login screen from certain countries could be useful.
There are plenty more things you can do to improve the security of your WordPress website (Including regular backups!) but installing Wordfence is a good start. If you need help setting up Wordfence on your WordPress website, are looking for a new WordPress build, or just want some advice on WordPress website security feel free to get in touch here!