Skip to content

How To Configure The Free Wordfence Security Plugin

Hey all.

 

Glad to be back after a summer off from blog writing.

 

Earlier this year, I wrote a blog post 5 EASY WAYS TO FIX YOUR INSURANCE AGENCY’S WORDPRESS WEBSITE SECURITY. 

 

If you haven’t checked that one out, please do so.

 

Installing a good security plugin is one of the 5 basic things covered there.

 

You can also download our FREE pdf cheat sheet that goes along with it here.

 

Now that we got that out of the way. Let’s dive a little deeper into one of the most important and effective ways to secure your website.

 

Installing a security plugin.

 

It’s actually pretty easy.

 

This blog post will show you how to configure the free version of the Wordfence security plugin.

 

Downloading and installing the plugin.

 

To use the Wordfence security plugin, you have to first install it.

 

You can use the Plugins option on the left-hand dashboard. Select Plugins and then Add New.

 

 

 

 

Search in the right-hand box for Wordfence and then hit install and then activate.

 

Once you activate it Wordfence will ask for an e-mail to send alerts to and for you to agree to their terms and services.

 

 

 

 

 That’s it! The Wordfence Security Plugin is now ready to use.

 

There are 4 major parts of the Wordfence security plugin that we will cover in this post.

 

The four major features we will cover are:

 

  • Firewall
  • Site Scanning
  • 2 Factor Authentication
  • Live Traffic

 

Firewall

The firewall is a protective layer between the internet and your WordPress website. It will detect if something bad tries to access your site and block it.

 

 

 

 

There are two options that I will cover here.

 

If you don’t mess with any of the Firewall settings then the plugin will run the firewall in its default mode.

 

This means that it loads the Firewall at the same time that all other plugins load. Plugins load after other parts of your WordPress install have loaded.

 

The second option is to click the “Optimize the Wordfence Firewall” button.

 

This will end up making the Firewall run before anything else. Even before the Wordfence plugin itself launches. This can help protect you from malicious scripts or attacks that run before your security plugin loads.

 

 

 

 

Sidenote. It will have you download a copy of your .htaccess file. This is in case you need to replace it for any reason. Save it somewhere on your computer for a rainy day.

 

Extra Sidenote: The Firewall will run in “learning mode” for a week as it figures out regular traffic and activity for your site.

 

Site Scanning

 

Site scanning works like other malware or virus scanners. It will scan and check your site to look for any issues or vulnerable areas .

 

 

 

 

If it finds anything wrong it will notify you and let you decide how you want to proceed.

 

Pretty straight forward and easy to do just by hitting the “Start New Scan” button.

 

Setting Up 2 Factor Authentication

 

You should be familiar with 2-factor authentication. It’s become a common IT security practice.

 

 

 

 

It makes sense that it’s used to secure website logins.

 

You will need an authenticator app for your cell phone to use the 2-factor authentication. that comes with the free version of the Wordfence security plugin,

 

There are quite a few different ones out there but Google has one that we recommend. Download it for your android or iPhone and either scan the QR code or use the codes that the plugin gives you.

 

Analyzing your logins with Live Traffic

 

 

 

 

Live traffic shows you who has tried to log in to your site and where from.

 

You can see where you may have a vulnerability. It also allows you to block specific users from even attempting to login.

 

So let’s recap the major features of the free Wordfence security plugin.

 

The firewall is a way to allow people to log in or access your site by IP address.

 

Site Scanning allows Wordfence to scan the major concern areas of your site. This makes sure things are healthy.

 

2-factor Authentication is an extra layer of login security.

 

Live traffic allows you to see where and when all attempted logins to your site have taken place. You can also block a user by IP address.

 

Other Plugins

 

It’s worth mentioning that there are other trusted security plugins.

 

  • iThemes Security
  • Securi
  • All In One WP Security & Firewall

 

Most security plugins do a lot of the same things.

 

I recommend Wordfence. But if you find the need to use a different plugin, one of the above can be used in its place.

 

Extra Sidenote: Should you consider upgrading to premium?

 

It all depends. for most smaller agencies the free version will do a great job keeping your site secure.

 

If you have the extra cash and want the extra features it doesn’t hurt to upgrade. You will gain more features for sure. But you don’t have to as the free version will be ok as it is.

 

So there it is. Hopefully, this is useful to you in getting the free Wordfence plugin up and running on your agency’s website.

 

See you next month.

 

Nick

Download Our FREE WordPress Security Cheat Sheet!

Something went wrong. Please check your entries and try again.

Nick Line

Nick is the Owner of My Insurance Design. He lays in bed at night and thinks about digital marketing and how he can use it to help independent insurance agencies. It's pretty sad. He knows it.

Leave a Comment