Install and Setup Wordfence Security

How to Install and Setup Wordfence Security in WordPress

Do you need to install and setup Wordfence security plugin on your website?

Wordfence is one of the most popular WordPress plugins that can add security to your WordPress website as well as protect it from hackers. In this tutorial, you will learn you how to install and setup Wordfence security plugin for your WordPress website.

How to install the Wordfence plugin

  • Firstly, you need to install the Wordfence plugin.
  • So go to your wp-admin
  • Go to Plugins
  • Click > Add New
  • Search for > Wordfence – See screenshot above.
  • Click Install and then Activate the plugin.

How to setup Wordfence plugin

  • After you click activate, a popup window will appear.
  • See screenshot above.
  • You need to add your email address, so you can receive the notifications from Wordfence.
  • Make sure to check the Terms and Conditions box and whether or not you wish to receive news from Wordfence.
  • Then you can proceed to the next step.
  • In the next window we will choose – ‘No thanks’
  • You can decide whether you want to buy the pro version of Wordfence after you have seen it in action.

The Wordfence panel

  • After activation, you will see the new Wordfence panel on the left side of your wp-admin.
  • See screenshot above.
  • Simply click on the Wordfence panel and this will take you to the Wordfence Dashboard.
  • See screenshot below.
  • You can take a tour or close the help box and dive straight it.

Setting up Wordfence security

  • In the Dashboard you will see a button to go to the Global options.
  • Click on this.
  • Go to > Do you want Wordfence to stay up-to-date automatically? 
  • Click > Yes, enable auto-update – see screenshot below.

Global settings

  • Go to > View Customization
  • Click > Display “Blocking” menu item
  • Click > Display “Live Traffic” menu item
  • Then click the Save changes button (top right corner).
  • You will now see those menus added to the Wordfence panel.
  • See screenshot below.

General Wordfence Options

For a full explanation of these options click on the little question mark at the end of the item.

  • Go to > General Wordfence Options
  • See screenshot below.
  • Go to > Hide WordPress version and enable.
  • Go to > Disable Code Execution for Uploads directory and enable.
  • Click Save changes.

Email Alert Preferences

  • Go to > Email Alert Preferences
  • Have a look and see what options you prefer. You may turn some on or off depending on what results you get over the next few days.


The Wordfence firewall protects your sites from attackers. This is where you can monitor the work Wordfence is doing to protect your site and also where you can manage the options to optimize the firewall’s configuration.

  • Click on the Firewall panel to view. See screenshot below.

When you first install the WAF, it will be in learning mode. This allows Wordfence to learn about your site so that we can understand how to protect it and how to allow normal visitors through the firewall. 

Setting up the Firewall

  • Click on > All Firewall options
  • WAF recommends you leave these settings for a week so WAF can learn about your site.
  • Then you can come in here and add more advanced options.
  • After the week, you can go to Advanced Firewall Options. See screenshot below.
  • You can untick any options you don’t need for e.g. Seznam Search Engine is a search engine in the Czech Republic. So if you don’t need this untick it. 
  • Next go to > Brute Force Protection.
  • Go to > Lock out after how many login failures and Lock out after how many forgot password attempts.
  • I would recommend changing this to 3 not 20.
  • Save changes. 

Optimize the Wordfence Firewall

  • Click the > Optimize the Wordfence Firewall button and follow the instructions.
  • Make sure you download the ht.access file backup.
  • See screenshot above.
  • This will give your site > Extended Protection: All PHP requests will be processed by the firewall prior to running.
  • Leave all other options as the defaults.

Wordfence scan

  • Click the > Scan in the Wordfence panel
  • See screenshot above.
  • Go to > Scan Options and Scheduling
  • Go to > Scan Scheduling and make sure this is enabled
  • Go to > Basic Scan Type Options and choose Basic Scan
  • Wordfence will choose choose when to scan your site.
  • If you ever think something is not right with your site and it may be hacked.
  • Go to the main Scan dashboard and click > Start new scan.

Live traffic

Live Traffic is very useful as it shows you what’s happening on your site in real-time, including user logins, hack attempts and requests that were blocked by the Wordfence. You can choose to block users here also.

  • See screenshot above.
  • Just click the Block IP button to block a user.
  • If you want to block a country then you need to buy the pro version of the plugin.
  • Click > Expand all results to get a better view.

To sum up

In this tutorial I have shown you how to install and setup the Wordfence plugin for WordPress. If you own a WordPress website, then you should take security seriously. The Wordfence plugin offers great security and if you find you are being targeted a lot you may consider the pro version which is reasonably priced. See prices here.

Click the link for more information about our WordPress support.

Scroll to Top