How to Set Up and Use the WordFence Plugin for WordPress

Wordfence is an excellent free security plugin for WordPress that offers various features that we will be setting up.


Installing WordFence is easy! Log into your WordPress Dashboard, click on plugins, click on add new, then search for WordFence and click install. Once it's installed click activate and you're ready to get started.

Core File Scan

One of the most useful features that WordFence has is it's Core File Scanning

Before running a scan, let's go to options and change our settings to use very thorough scanning. Log in to your WordPress Dashboard and click on Wordfence, then Options. Once there, scroll down to Scans to Include.

direct&200 |

Make sure all boxes are checked except for High Sensitivity and Exclude Files…

You will not be able to use the public facing option unless you purchase a full license, but it is not needed for a Core File scan.

Once you have selected the options that you want, you can start a scan under Wordfence > Scan. Just click Start a Wordfence Scan. The scan may take some time to be completed, depending on the size of your WordPress installation.

Once the scan completes, you will be able to fix broken or corrupted files.

Web Application Firewall

Turning on the Web Application Firewall will stop malicious bots, crawlers and login attempts.

Once you've enabled this, you should tune it to your desired settings.

To enable it: check the box Enable firewall

direct&200 |

Next, adjust the firewall options to fit your needs.

direct&200 |