CONTACT US: 1-800-622-4403
ABOUT    CONTACT SALES    SERVICE AREAS
Domains To Datacenter Since 1994

Simple Way to Secure a WordPress Website

Introduction


WordPress is a free and open source blogging tool and content management solution (CMS) based on PHP and MySQL.  WordPress was used by more than 23.3% of the top 10 million websites as of January 2015.  

Wordfence Security Plugin


Anything that’s popular is more open to attack and WordPress is no exception.  One of the quickest and easiest way's we've found to secure a WordPress site is through the use of the WordFence plugin from Feedit, Inc.  With over 6,000,000 downloads, Wordfence is arguably the most popular security plugin for WordPress.

Versions


Wordfence is available as a free version and also offers a premium version that is currently priced at $39.  The premium version provides two factor authentication via SMS, country blocking and the ability to schedule scans.

Installation


Like all WordPress plugins, Wordfence can be easily installed by visiting wordpress.org, searching plugins, and searching for Wordfence.  You can also download Wordfence by visiting www.wordfence.com.

How it Works


Wordfence starts by checking if your site is already infected. It performs a deep server-side scan of your source code comparing it to the Official WordPress repository for core, themes and plugins. After the initial scan, Wordfence will continue performing periodic scans on your site and alert you if any plugins have been modified or need to be updated.

Stopping Attacks


Wordfence uses real-time threat analysis and blocking. If one WordPress site running Wordfence is attacked, the attacker is blocked and all other sites also running Wordfence block that attacker.  You can see a real-time display of WordPress attacks per minute accross all sites running Wordfence by visiting www.wordfence.com.

Scan Results


The home screen of Wordfence Security where you can see a summary, manage security issues and do a manual security scan.  The results of these scans will also be emailed to you.


Live Site Activity


The Live Traffic view of Wordfence Security where you can see real-time activity on your site.


Blocked IP Addresses


The "Blocked IPs" page where you can manage blocked IP's, locked out IP's and see recently throttled IPs that violated security rules.


Basic Options


The basic view of Wordfence Security options. There is very little to configure other than your alert email address and security level.


Advanced Security Options


If you're technically minded, this is the under-the-hood view of Wordfence Security options where you can fine-tune your security settings.


Conclusion


We highly recommend the Wordfence security plugin. The free version will provide protection you really should not go without.  The premium version, in our opinion is worth the cost simply to add two form signin authentication and country blocking.  In short, WordPress sites are very vulnerable to attack and the Wordfence security plugin does a great job protecting sites from common attacks and keeping you informed of vulnerabilities.


Websites

  1. How To Install WordPress
  2. Hosting Multiple Domains on One IP Address (SuperAccount)
  3. Where can I find the FTP information for my POA account?
  4. How to modify CSS on Mobile Devices
  5. How to generate a CSR, purchase & Install the Certificate in the POA System
  6. Change Your Domain Name using WordPress
  7. How to enable .NET 4.0 for your POA Account.
  8. How to remove Pages/Posts from Wordpress Search
  9. How to disable all Wordpress plugins using MySQL
  10. Remove index.php from Wordpress URL
  11. How to move a Drupal site from one host to another
  12. How to move a Wordpress site from one host to another
  13. How to change the Wordpress site URL
  14. Masking Your Email from Spammers with WordPress + PHP
  15. How to Redirect a Registered Domain
  16. Changing the Wordpress URL Path to web root "/" or another path
  17. Simple Way to Secure a WordPress Website
  18. How to restart your website in Control Panel.
  19. How to Block Referral SPAM from your Website
  20. Creating Campaigns in Google Analytics
  21. Switching over to a New InfoQuest account.
  22. Stopping your website through the customer control panel.
  23. Deleting a domain from your account.
  24. Where do I go to view my web stats (AWStats) for my site?
  25. How to change Wordpress siteURL to IP address using phpmyadmin
  26. How to enable "anonymous access" to browse my site.
  27. How to access Wordpress files.
  28. How to add a dedicated/exclusive IP address to your account.
  29. How to upload website content to the server.
  30. Update Directory Path for Website.
  31. Password protecting a folder on your site on POA.
  32. Add Structured Data Location Schema to your website
  33. How to delete WordPress Comments using phpmyadmin
  34. How to password protect a specific directory on your POA Hosting Account.
  35. What's New in Wordpress 4.9

Feedback and Knowledge Base