Remove or Reset

A full guide on how to reset or remove Wordfence from your site.

The Wordfence plugin consists of:

1. Plugin files, located in “wp-content/plugins/wordfence”.
2. Database tables, located in your database (they all start with the “wf” prefix. For example, “wp_wfConfig”).
3. Firewall configuration files, located in “wp-content/wflogs”.
4. If you have optimized the firewall to be in “Extended Protection” mode then you will also have a “wordfence-waf.php” located in the document root directory of your WordPress installation and a few configuration lines located in a “.htaccess”, “.user.ini” or a “php.ini” file.

Remove or Reset

Sometimes you may want to remove Wordfence completely. At other times you may want to delete all Wordfence data and recreate the database tables so that Wordfence is reset to a default configuration. This often helps to solve issues with corrupted data in the database. There are three ways you can delete or reset Wordfence.

Delete Wordfence data on deactivation

If you are removing Wordfence permanently, or if you want to do a complete reinstallation of Wordfence then you can enable the option “Delete Wordfence tables and data on deactivation”. If you then deactivate the plugin, all Wordfence files and database tables will be deleted. You can then choose to activate Wordfence to start with the default configuration, or you can choose to delete the plugin.

Use the Wordfence Assistant plugin

Wordfence Assistant is a plugin that has been developed specifically to solve issues with Wordfence that can not be solved within the plugin itself. You can install this plugin via the WordPress “Plugins” page and use it to delete all Wordfence data from your site.

Manual removal

To manually remove Wordfence, you can follow the steps below. It is important that you do step 1 before the other steps.

1. Remove extended protection manually. Click here to learn more.
2. Remove the “wordfence” plugin directory located in the “wp-content/plugins” directory.
3. Remove the “wflogs” directory located in the “wp-content” directory.
4. Remove the “wordfence-waf.php” file located in the root directory where your WordPress installation exists.
5. Remove all Wordfence database tables from the database, using for example “phpMyAdmin”.

Wordfence 7 Tables


wp_wfBadLeechers (Legacy)
wp_wfBlockedCommentLog (Legacy)
wp_wfBlocks (Legacy)
wp_wfBlocksAdv (Legacy)
wp_wfLeechers (Legacy)
wp_wfLockedOut (Legacy)
wp_wfNet404s (Legacy)
wp_wfScanners (Legacy)
wp_wfThrottleLog (Legacy)
wp_wfVulnScanners (Legacy)

Migrate with Wordfence

If you are migrating your site to a new server then we recommend that you first remove Extended Protection mode. When your site has been migrated, you can then optimize the firewall again.

Optionally, you can choose to reset Wordfence and only migrate your settings. This will remove the firewall optimization and all current blocks on your site.

  • Open the “Dashboard” > “Global Options” page. Expand the “General Wordfence Options” section. Enable the option “Delete Wordfence tables and data on deactivation” and press the button to save the change.
  • Scroll down to the section “Import/Export Options” and click on the “Export Wordfence Options” button. Save the export token in a safe place.
  • Deactivate Wordfence on the WordPress “Plugins” page.
  • Migrate your site to the new server.
  • Activate Wordfence on the WordPress “Plugins” page.
  • Open the “Dashboard” > “Global Options” page.  Scroll down to the section “Import/Export Options” and click on the “Export Wordfence Options” button. Enter the export token you previously saved and click to “Import Wordfence Options”
  • Optimize the Firewall.