Welcome to the official documentation for Wordfence 7. For information about previous versions of Wordfence, visit our old documentation.
The Wordfence Dashboard provides insight into the current state of your site’s security.
These allow you to update your Wordfence License, set your Alert Preferences and Import/Export Wordfence settings.
Email alerts quickly inform you of security related events on your site.
The Wordfence Web Application Firewall is a PHP based, application level firewall that filters out malicious requests to your site.
The Wordfence Firewall has a feature that allows the Firewall to be loaded before any other code loads. This provides the highest level of protection and we refer to this as "extended protection". In order to get extended protection, you have to go through a short configuration procedure.
Learning Mode allows the Web Application Firewall to be adjusted to your site.
The Wordfence plugin saves information about recent attacks on your site. You can view this data on your Wordfence Dashboard and the Wordfence Firewall page.
Change Firewall Mode (Enabled/Learning Mode/Disabled), Optimize the Firewall and configure advanced options.
Brute Force Protection limits login attempts on your site.
Wordfence includes a rate limiting firewall that controls how your site content can be accessed.
How to resolve issues with the Wordfence Web Application Firewall.
Aside from the Firewall rules that protect against SQL-injection, XSS and more, Wordfence also has custom features for additional blocking.
What is Wordfence? Wordfence is a security plugin for WordPress. It provides various features and configuration options for site owners to protect their sites from intrusion. If you locked yourself out The following instructions are for site owners. If you are trying to regain access to a site that you do not manage, please contact…
Country Blocking allows you to block access to your site from certain countries.
If you locked yourself out or are experiencing unwanted blocks.
A Wordfence scan examines all files on your WordPress website looking for malicious code, backdoors, shells that hackers have installed, known malicious URLs and known patterns of infections.
Select which aspects of your site the scan should investigate, adjust scan performance and configure advanced options.
How to interpret results from the Wordfence Scan.
The Wordfence Scan runs regularly on your site. Premium customers can adjust how often the scan runs.
If you are having problems getting your scans to start or complete, please see these instructions for some basic debugging steps.
Wordfence Tools include Two Factor Authentication, Whois Lookup, Password Audit, Live Traffic and Diagnostics.
Wordfence provides import/export functions options. Use this feature to copy options to other sites or to backup your settings when reinstalling Wordfence.
This feature was removed in Wordfence 7.1.0.
The Whois Lookup Service gives you a way to look up who the owner of an Internet resource is.
Find out your PHP Version, database permissions, connectivity tests and much more in Wordfence Diagnostics.
Wordfence Live Traffic shows you what is happening on your site in real-time.
Two Factor Authentication allows you to add an extra layer of security to your WordPress login. This section describes how to use it.
If you want to know more about the technical details of Wordfence, you'll find the answers in this section.
Wordfence works on most WordPress websites. However, to make sure it works on your site you can check that it meets our minimum system requirements.
Historical information about previous Wordfence Releases.
If you need to reset or remove Wordfence from your site you can find help with that in this section.
Details about technical aspects of how Wordfence works.
Wordfence has many options that can be set within the WordPress admin pages, but there are some additional options that are not often needed.
Additional functions for developers to import settings or whitelist IP-addresses.
How do I inspect the browser console or take a screenshot? Information about debugging issues with your site can be found here.
Wordfence Premium comes with an IP Blacklist, Real Time Protection and much more.
Wordfence Premium is sold as an annual license that is set to auto-renew by default. Discounts are available for volume purchases.
All Wordfence installations need a License key, also known as an API-key. The key can be a free key or a premium key.
Let one of our Security Analysts help you clean your infected site or inspect it for vulnerabilities.