Connecting your sites to Wordfence Central
Learn how to connect multiple sites to Wordfence Central.
Before you connect a site to Wordfence Central, you will need to register an account on wordfence.com. If you already have an account, you can sign in to connect your sites. If you are setting up your account for the first time, you will have the option to enable two-factor authentication. We strongly recommend setting this up as it is one of the most reliable countermeasures against account compromise. You can also set it up at any time after you register.
You can connect a site to Wordfence Central from the Central dashboard, or in the Wordfence plugin. (Note: If you are using WordPress Multisite, be sure to add the top-level site for each network).
Connecting a site from the Central dashboard
Once you have logged in to Wordfence Central, you can connect one of your sites by clicking “Add New Site” and entering your site’s URL in the box that appears. You will then be redirected to your site to complete the setup. Note that you will need to log in to your site as an administrator if you are not currently logged in.
Connecting a site from the Wordfence plugin
You can connect a site to Wordfence Central by logging in to your site as an administrator. Select the Wordfence Dashboard menu item. In the “Wordfence Central Status” widget, click “Connect This Site”. Note that if you are not logged in to your wordfence.com account, you will be taken to the sign in page. Once you have logged in, the connection process should proceed.
Removing a site from Wordfence Central
You can remove a site from Wordfence Central by clicking the trash icon in the “Disconnect” column on the main “Dashboard” page. If the site is having connection issues then you can click on the trash icon in the “Remove” column under the “Connection Issues” tab. You can also log in to your site as an administrator and select “Dashboard” from the Wordfence plugin menu and click “Disconnect This Site” in the “Wordfence Central Status” widget.
Troubleshooting connection issues
The “Connection Issues” tab shows the list of sites that are currently having connection issues.
If you added a site to Wordfence Central but did not complete the setup, you can click on the “Complete Setup” link that appears, and you will be taken to your site to finish the connection.
Cloudflare connection issues
If your site is protected by Cloudflare, you may need to update your Cloudflare settings to allow Wordfence Central to connect to your site. You should be able to do this by going to your Cloudflare control panel:
- Login to Cloudflare
- Go to “Firewall”
- Click the “Firewall Rules” tab
- Click “Create a Firewall rule”
- Name the rule under “Rule Name”
- Set the “Field” under “When incoming requests match…” to “IP Address”
- Enter “18.104.22.168” under “Value”
- At the bottom, under “Then…Choose an action” change “Block” to “Allow”
- Click “Deploy”
- Repeat steps 4-9 for the IP addresses 22.214.171.124 and 126.96.36.199
You may also need to also add Wordfence Central’s IP addresses to the “IP Access Rules” in your Cloudflare control panel:
- Login to Cloudflare
- Go to “Firewall”
- Click the “Tools” tab
- Scroll to the “IP Access Rules” section
- In the field that says “Enter an IP, IP range, country name, or ASN”, enter “188.8.131.52”
- Change the “Block” option to “Allow”
- Change the “This website” option to “All websites in account” if you have more than one site
- In the “Add a note” field, type “Wordfence Central” so you remember why the IP was allowed
- Click the “Add” button
- Repeat steps 5-9 for the IP addresses 184.108.40.206 and 220.127.116.11
Incapsula connection issues
If your site is protected by Incapsula, you may need to update your Incapsula settings to allow Wordfence Central to connect to your site. You should be able to do this by going to your Incapsula control panel. Note that if your site is being protected by Incapsula via Sitelock, you may need to contact Sitelock support to have a ticket created to add this exception.
- Login to Incapsula
- Go to “Settings” > “Security” > “Whitelist Specific Sources”
- In the “Whitelist IPs” box, enter 18.104.22.168
- Click “Add”
- Click “Save”
- Repeat steps 3-5 for the IP addresses 22.214.171.124 and 126.96.36.199
GoDaddy/Sucuri connection issues
If your site is protected by GoDaddy/Sucuri’s firewall, you may need to update your GoDaddy/Sucuri Firewall settings to allow Wordfence Central to connect to your site. You will need to do this via the GoDaddy control panel:
- Login to Godaddy.com
- Go to Products->Web Site Security
- Click the “Firewall” tab and go to “Access Control”
- Click “Allow IP Addresses”
- Enter “188.8.131.52” into the “Add new IP” field, select “Permanently”, and click “Allow”
- Repeat step 5 for the IP addresses 184.108.40.206 and 220.127.116.11
If you are still using the legacy Sucuri control panel:
- Login to Sucuri’s WAF control panel at https://waf.sucuri.net/?settings&panel=whitelist-addr
- In the “Whitelist IP Addresses” box, enter 18.104.22.168
- Click “Whitelist”
- Repeat steps 2 and 3 for the IP addresses 22.214.171.124 and 126.96.36.199
WP Spamshield connection issues
If your site is using the WP-Spamshield plugin, you will need to add the Wordfence Central IP addresses to the allowlist in this plugin’s settings.
- Login to WordPress
- Go to “Settings” > “WP-SpamShield”
- Check the box next to “Enable WP-SpamShield Whitelist”
- In the “Your current WP-SpamShield Whitelist” box, enter 188.8.131.52
- Click “Save Changes”
- Repeat steps 4 and 5 for the IP addresses 184.108.40.206 and 220.127.116.11
Other connection issues
For other connection issues, you can click on the “Show” link under the “Details” column to see more information. Note that Wordfence Central uses the WordPress REST API to communicate with the plugin. If you have disabled the REST API or set it to require authentication then you will need to enable it before connecting your site to Wordfence Central.
In most cases, the easiest way to correct a connection issue is to remove the site from Wordfence Central. Before adding the site to Wordfence Central again, we recommend that you verify that the site is up and running and that the latest version of the Wordfence plugin is installed and active. Once you have done this, you can add the site to Wordfence Central.
If your site has been removed from the listing in Wordfence Central, but the site itself still appears to be connected on the Wordfence “Dashboard” page then open the “Diagnostics” tab on the Wordfence “Tools” page. Scroll down to the “Other Tests” section. Press the “Clear Connection Data” button next to “Clear all Wordfence Central connection data”. Now try to reconnect your site.
If you are using the free version of Wordfence and these steps fail to correct the issue, please visit the Wordfence forums for support. If you are a Premium customer, you can contact premium support.