WPDev.one
Wordfence Security – Firewall, Malware Scan, and Login Security
Home/Plugins/wordfence
Wordfence Security – Firewall, Malware Scan, and Login Security

Wordfence Security – Firewall, Malware Scan, and Login Security

Firewall, Malware Scanner, Two Factor Auth, and Comprehensive Security Features, powered by our 24-hour team. Make security a priority with Wordfence.

By Mark Maunder
4.7(4,690 ratings)
Download

Description

THE MOST POPULAR WORDPRESS FIREWALL & SECURITY SCANNER

WordPress security requires a team of dedicated analysts researching the latest malware variants and WordPress exploits, turning them into firewall rules and malware signatures, and releasing those to customers in real-time.

Choose the right protection for you: Wordfence Free, Premium, Care or Response

Wordfence is widely acknowledged as the number one WordPress security research team in the World. Our plugin provides a comprehensive suite of security features, and our team’s research is what powers our plugin and provides the level of security that we are known for.

At Wordfence, WordPress security isn’t a division of our business – WordPress security is all we do. We employ a global 24-hour dedicated incident response team that provides our priority customers with a 1 hour response time for any security incident.

The sun never sets on our global security team and we run a sophisticated threat intelligence platform to aggregate, analyze and produce ground breaking security research on the newest security threats.

Wordfence Security includes an endpoint firewall, malware scanner, robust login security features, live traffic views, and more. Our Threat Defense Feed arms Wordfence with the newest firewall rules, malware signatures, and malicious IP addresses it needs to keep your website safe.

Rounded out ... [truncated]

Installation

Secure your website using the following steps to install Wordfence:

  1. Install Wordfence automatically or by uploading the ZIP file.
  2. Activate the Wordfence through the ‘Plugins’ menu in WordPress. Wordfence is now activated.
  3. Go to the scan menu and start your first scan. Scheduled scanning will also be enabled.
  4. Once your first scan has completed, a list of threats will appear. Go through them one by one to secure your site.
  5. Visit the Wordfence options page to enter your email address so that you can receive email security alerts.
  6. Optionally, change your security level or adjust the advanced options to set individual scanning and protection options for your site.
  7. Click the “Live Traffic” menu option to watch your site activity in real-time. Situational awareness is an important part of website security.

To install Wordfence on WordPress Multi-Site installations:

  1. Install Wordfence via the plugin directory or by uploading the ZIP file.
  2. Network Activate Wordfence. This step is important because until you network activate it, your sites will see the plugin option on their plugins menu. Once activated that option disappears.
  3. Now that Wordfence is network activated it will appear on your Network Admin menu. Wordfence will not appear on any individual site’s menu.
  4. Go to the “Scan” menu and start your first scan.
  5. Wordfence will do a scan of all files in your WordPress installation including those in the blogs.dir directory of your individual sites.
  6. Live Traffic will appear for ALL sites in your network. If you have a heavily trafficked system you may want to disable live traffic which will stop logging to the DB.
  7. Firewall rules and login rules apply to the WHOLE system. So if you fail a login on site1.example.com and site2.example.com it counts as 2 failures. Crawler traffic is counted between blogs, so if you hit three sites in the network, all the hits are totalled and that counts as the rate you’re accessing the system.
WP-CLI Installation:
wp plugin install wordfence --activate

Frequently Asked Questions

Visit our website to access our official documentation which includes security feature descriptions, common solutions and comprehensive help.

How does Wordfence Security protect sites from attackers?

The WordPress security plugin provides the best protection available for your website. Powered by the constantly updated Threat Defense Feed, Wordfence Firewall stops you from getting hacked. Wordfence Scan leverages the same proprietary feed, alerting you quickly about security issues or if your site is compromised. The Live Traffic view gives you real-time visibility into traffic and hack attempts on your website. A deep set of additional tools round out the most comprehensive WordPress security solution available.

What features does Wordfence Pr... [truncated]

Changelog

8.1.0 – August 25, 2025

  • Improvement: Added password scanning support for WordPress 6.8 and later
  • Improvement: Limited email alerts to 5 per hour by default and added notification when limit has been reached
  • Improvement: Improved URL scanning performance
  • Improvement: Updated GeoIP database
  • Change: Reduced scan result severity for vulnerabilities with high attack complexity or required privileges
  • Change: Added messaging around WAF support when NGINX Unit is detected
  • Change: Added notice and scan result about Wordfence Assistant
  • Change: Adjusted IPv6 connection issue message and appearance
  • Fix: Prevented deprecation notice about calling base64_encode with null parameter
  • Fix: Prevented deprecation message about calling preg_match with null parameter
  • Fix: Corrected license type shown on dashboard when expiring
  • Fix: Prevented disabled getmyuid function from causing fatal... [truncated]

Statistics

Active Installs5.0M+
Downloads389.8M+
Version8.1.0
Last UpdatedInvalid Date

Requirements

WordPress
4.7+
PHP
7.0
Tested up to
6.8.3

Support

Resolution Rate90%
Total Threads193
Resolved174

Quick Links

WordPress.org PagePlugin HomepageDownload PluginSupport Forum

Tags

2fafirewallmalwarescannersecurity