Wordfence Security is a free plugin for WordPress that includes a web application firewall, virus scanning, and real-time traffic monitoring with geolocation. Along with these features, Wordfence offers protection from brute force attacks.
Installing Wordfence Security
Visit the Add New Plugins panel in your WordPress Dashboard and search for Wordfence. Click Install Now.
When the installation is complete, click Activate Plugin.
Scanning Your Site
Clicking Wordfence in your Dashboard's menu will open the Scan panel. (You'll also be given the option to take a tour of all of Wordfence's features.)
First, you can elect to update Wordfence automatically by clicking Yes, enable auto-update.
Wordfence's default settings work for most websites, so now run your first scan to see if you need to tweak anything or if you have any issues that should be resolved.
Click Start a Wordfence Scan.
If you have any issues with your site, Wordfence will provide the solutions to resolve them or offer you the option to ignore them if they are expected errors.
Configuring Wordfence
After your initial scan, select Options from the Wordfence menu. Under the Basic Options, enter your WordPress administrative email address to receive any security alerts for your site. Click Save Changes.
Scroll through the rest of the options and adjust them according to your site's needs and traffic patterns. (Clicking the blue 'i' next to each item will further explain its function.)
Blocking IP Addresses
Wordfence will immediately begin enforcing brute force protection as soon as its activated. However, if you know an IP address that has previously attacked you, you can enter it on your own.
Select Blocked IPs from the menu and then enter the address in the provided field.
You can block ranges of IP addresses by clicking Advanced Blocking in the menu.
Here, you can also block particular browsers and certain referrer websites, as well as list the reason for the block.
Alert: For Control Panel Help & Tutorials, click here: Panel Tutorials