WordFence is a security plugin with a powerful free version that does a lot. That’s why it made it into my selection of best WordPress plugins.
What can WordFence do?
It can monitor login attempts to your website from different parts of the world, scan your website directory, and offers a firewall.
Personally, I have WordFence installed on just about every site, and the free version has always been enough for me so far (no one has hacked my sites :D).
How to set up WordFence?
As with most plugins: just click through the settings somehow and you’ll have the plugin somehow set up, which is often much better than not having it at all.
But if you want to set up the plugin properly, we can’t recommend the video from WordCamp Prague, where Vláďa Smitka, a leading security expert, shows how to set up WordFence.
Other security plugins I use
Speaking of security, I also like the Siteground Security plugin (you don’t need Siteground hosting), which does a number of useful things like:
- block and protect site folders from malware and malicious script insertion
- disable XML-RPV
- create a custom login url on click
Other plugins to look at
Builder: Bricks
Cookies: Complianz
SEO: Rank Math
Best general plugin: ACF
⤴️ Migration: All in One WP Migration
Translations: WPML
Speed: WP Rocket
Backups: Updraft
Word of Conclusion
Security is the nemesis of many WordPress sites. It is also due to supposedly poor security that many people have left WordPress and never returned, or even figured it out in the first place.WordPress, however, doesn’t have a security problem.Security problem have sites on WordPress, where nobody ever cared about their security.And once a site is hacked, you’re in for some serious trouble.
Wordfence is a great way to avoid this fate.
Let me know in the comments how do you handle security on WordPress/your site ?
