The Wordfence plugin saves information about recent attacks on your site. You can view this data on the Wordfence "Dashboard" and "Firewall" pages.

Top IPs Blocked

This list shows the IP addresses that resulted in the largest total amount of blocks, along with their countries of origin and the number of times they were blocked. You can choose a time period at the top of the list to show statistics for the past 24 hours, 7 days or 30 days.

Top Countries by Number of Attacks

This list shows the number of attacks sorted by country of origin.

Firewall Summary

The “Firewall Summary” shows the number of attacks on your site that the firewall recently blocked. The summary includes three types of attacks:

  • Complex
  • Brute Force
  • Blocklist

A Complex attack is when a visitor makes a request to your site that is specifically crafted to exploit your site or find a vulnerability they can later exploit. Firewall rules block these types of attacks.

Brute Force attacks are username/password login guessing attempts. These attacks intend to log in to your WordPress admin.

Blocklist blocks are the number of times an IP has been preemptively blocked from accessing your site altogether. The premium Wordfence “Real-Time IP Blocklist” feature monitors the behavior of IP addresses across Wordfence installations on the web and immediately refuses access to IP addresses that are currently engaged in malicious behavior. Read more about the Real-Time IP Blocklist feature.

Total Attacks Blocked

You can also view “Total Attacks Blocked” to see any attack spikes across the entire Wordfence Network as well as the activity specific to your site. If you perceive that you are getting more attacks than usual, you can use this chart to see if that is something that is affecting more WordPress sites than just yours.

Login Attempts

This table shows recent successful logins and failed login attempts. Click the button at the top to view “Successful” or “Failed” login attempts.