Before you connect a site to Wordfence Central, you will need to register an account on wordfence.com. If you already have an account, you can sign in to connect your sites. If you are setting up your account for the first time, you will be given the option to enable two-factor authentication. We strongly recommend setting this up as it is one of the most reliable countermeasures against account compromise. You can also set it up at any time after you register.
You can connect a site to Wordfence Central from the Central dashboard, or from the Wordfence plugin. (Note: If you are using WordPress Multisite, be sure to add the top-level site for each network).
Connecting a site from the Central dashboard
Once you have logged in to Wordfence Central, you can connect one of your sites by clicking “Add New Site”, then entering your site’s URL in the box that appears. You will then be redirected to your site to complete the setup. Note that you will need to log in to your site as an administrator if you are not currently logged in.
Connecting a site from the Wordfence plugin
You can connect a site to Wordfence Central by logging in to your site as an administrator, selecting Dashboard from the Wordfence menu, and clicking “Connect This Site” under “Wordfence Central Status”. Note that if you’re not logged in to wordfence.com, you’ll be taken to the login page. Once you have logged in, the connection process should proceed.
Removing a site from Wordfence Central
You can remove a site from Wordfence Central by clicking the trash can icon under “Disconnect” on the main Central dashboard page, or “Remove” on the Connection Issues tab if the site is having connection issues. You can also log in to your site as an administrator and select Dashboard from the Wordfence plugin menu, then click “Disconnect This Site” under “Wordfence Central Status”.
Troubleshooting connection issues
The Connection Issues tab shows the list of sites that are currently having connection issues.
If you added a site to Wordfence Central but didn’t completed the setup, you can click on the “Complete Setup” link that appears, and you will be taken to your site to finish the connection.
Cloudflare connection issues
If your site is protected by Cloudflare, you may need to update your Cloudflare settings to allow Wordfence Central to connect to your site. You should be able to do this by going to your Cloudflare control panel.
Login to Cloudflare
Go to “Firewall”
Click the “Firewall Rules” tab
Click “Create a Firewall rule”
Name the rule under “Rule Name”
Set the “Field” under “When incoming requests match…” to “IP Address”
Enter “188.8.131.52” under “Value”
At the bottom, under “Then…Choose an action” change “Block” to “Allow”
Incapsula connection issues
If your site is protected by Incapsula, you may need to update your Incapsula settings to allow Wordfence Central to connect to your site. You should be able to do this by going to your Incapsula control panel. (Note: if your site is being protected by Incapsula via Sitelock, you may need to contact Sitelock support to have a ticket created to add this exception).
Login to Incapsula
Go to “Settings” > “Security” > “Whitelist Specific Sources”
In the “Whitelist IPs” box, enter 184.108.40.206
Sucuri connection issues
If your site is protected by Sucuri’s firewall, you may need to update your Sucuri settings to allow Wordfence Central to connect to your site. You should be able to do this by going to your Sucuri control panel.
In the “Whitelist IP Addresses” box, enter 220.127.116.11
WP Spamshield connection issues
If your site is using the WP-Spamshield plugin, you will need to whitelist the Wordfence Central IP to allow Wordfence Central to connect to your site. You can do this from your site’s admin dashboard.
Login to WordPress
Go to “Settings” > “WP-SpamShield”
Check the box next to “Enable WP-SpamShield Whitelist”
In the “Your current WP-SpamShield Whitelist” box, enter 18.104.22.168
Click “Save Changes”
Other connection issues
For other connection issues, you can click the “Show” link under “Details” to see more information. Note: Wordfence Central uses the WordPress REST API to communicate with the plugin. If you’ve disabled the REST API or set it to require authentication, you’ll need to enable it before connecting your site to Central.
In most cases, the easiest way to correct a connection issue is to remove the site from Wordfence Central. Before adding the site to Wordfence Central again, we recommend that you verify that the site is up and running and that the latest version of the Wordfence plugin is installed and active. Once you have done this, you can add the site to Wordfence Central. If you are using the free version of Wordfence and these steps fail to correct the issue, please visit the Wordfence forums for support. If you are a Premium customer, you can contact premium support.