At least do this for securing your WordPress site as a quick win, use Wordfence

Security is an oversight for a lot of WordPress site owners

If you have or building a WordPress site, you are in the market for quick wins. When it comes to securing website traffic, there is an endless number of considerations you have to make.

Good security doesn’t come in a couple of clicks or in a few mins, but…

There is a simple and easy, no-cost action item you can take. Install Wordfence (or a similar security plugin) and enable at least the basic security settings for your WordPress site.

Things you should do with Wordfence

Enable Multi-factor Authentication (MFA) for your WordPress admin logins

Enable rate limiting and automatic blocking

Wordfence will enable rate-limiting in its firewall settings by default. This will also allow Wordfence to block too many failed login attempts which is often an attacker trying to gain access to WordPress admin.

Block countries you don’t have any users from

Keep your WordPress plugins up to date.

Wordfence will warn you if there are any dangerous/vulnerable plugins that stay outdated.

Wordfence email alerts will be enabled by default, keep it that way

Make sure you at least get a weekly digest to stay on top of your Wordfence activity and alerts.

If you have multiple WordPress sites, use Wordfence Central to manage the Wordfence installations across sites



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store