April 4, 2021

How to Install Wordfence and Why You Need it?

WordPress is THE most used Content Management System in the world, it is second to none. The unmatched popularity of WordPress attracts bad people, like hackers.

If you a WordPress developer, or WordPress designer who prefers the flexibility of the CMS must have heard about security plugins. And if you are like me, you might have heard about tens of security plugins.

Installing every possible security plugins you have come across wouldn’t help your efforts, and it will do just the opposite of what you intent.

There are a few good WordPress security plugins like SecuPress, Sucuri, Malcare and Wordfence. In this article, I chose to walk you through the Wordfence plugin and why it matters.

Wordfence is developed by world leaders of WordPress security, Defiant. Defiant is based out of Seattle, WA. Wordfence is installed on more than 3 millions of WordPress websites and they properly protect those sites.

If you are planning to install this plugin on your website, you must know about their free and paid plugins. As a security plugin, it works by scanning your website for viruses, malware, adware, trojans, and other suspicious links at regular intervals throughout the day. Most of the security plugin does the same. Defiant, with their experience of working with this plugin for so long, has made it lightweight and almost foolproof.

Installing Wordfence

First of all you need to go to your WordPress dashboard. The navigate to Plugins -> Add New. Search for Wordfence. Install Wordfence Security – Firewall & Malware Scan. Avoid installing plugin files acquired from non-official sources.

Click install, and depending upon your server setup, it will finish installing in a couples of seconds. Once it is installed on your server, you will see the Install Now button showing “Activate Now“. Click on it to complete activation of the plugin.

Once activated, you will see a prompt to enter your email address. The entered mail will receive security updates related your website.

The next prompt screen will request you to enter your Premium Key, you wouldn’t have one unless you have purchased the premium version. Click on the No Thanks link to proceed.

You can now head on to the Wordfence dashboard by clicking on the Wordfence link on the sidebar.

In the dashboard, you will be welcomed with Firewall and Scan circular progress bars.

Tip: WAF means Web Application Firewall. It will stay in Learning Mode for a few days.


Live Traffic

This is a screenshot from one of our client websites where an attempt was made by a malicious end user. Wordfence blocked the attempt in realtime.

Live traffic show you what is happening realtime in your website. Hack attempts, user-logins, and requests that were blocked by Wordfence Firewall.

Whois Lookup

Whois lookup helps find the details about the IP addresses and domains that are attempting malicious activities on your website.


In the free version, the applied Firewall Rules will be Community ones. Brute force protection is automatically setup for you, by Wordfence itself.

Firewall also has options to delay IP and Country blocking until after WordPress plugins has loaded. With the firewall, you can also rate limit crawlers. You can also rate limit Google’s crawlers. Although, it would be a very bad idea to do so.


In the free version, the malware signatures that are used to validate the checks are community ones, which is delayed by 30 days than the premium version. Which is fine if your website is not dealing with financial transactions.

The scan results display issues that are pertaining to the website. Which needs your attention.

You can also choose low resource scanning to reduce server load by lengthening the scan duration.

Login Security – 2 Factor Authentication

Wordfence also allows you to set up extra login security, by activating 2 Factor Authentication on your website. It will reduce brute force attacks to the absolute minimum.

Premium version of the plugins comes with extra options, and also country blocking.

Written by Abdul Wajid

Better marketing performance
is ready for you - Are You?

Partner with one of the digital marketing agency - before your competitor does. Get more traffic. Acquire more customers. Sell more stuff. Stakque works with businesses of all sizes.
First Floor, Ali&Sons Building, Near Maruti Suzuki Service Center, Mundankulam, Chemnad P.O, Kasaragod, Kerala, India 671317

Phone Number: +91-9061085417 Phone Number: +91-7736341466

Stakque Infotech has a rating of 5/5 based on 30 ratings and reviews
GoodFirms Badge
Founded in 2019, our Digital Marketing and SEO agency has worked with some of the brightest, most-agile minds in digital marketing - team members and partners, alike! The Stakque Infotech's mission is to provide the most effective digital marketing solutions in the industry, a high touch customer experience, deliver results and use profits to reinvest in client success, employee success and the community. Our team brings unique skills and experiences to the table, and we have seen how the diverse experiences of our team members - both personal and professional - propel us forward and allow to predict the changes intuitively to take better decisions.
Copyright © 2019 – 2021 Stakque Infotech Private Limited. All Rights Reserved.