To install Wordfence Security and start protecting your WordPress website:
- Install Wordfence Security automatically or by uploading the ZIP file.
- Activate the security plugin through the 'Plugins' menu in WordPress.
- Wordfence Security is now activated. Go to the scan menu and start your first security scan. Scheduled security scanning will also be enabled.
- Once your first scan has completed a list of security threats will appear. Go through them one by one to secure your site.
- Visit the Wordfence Security options page to enter your email address so that you can receive email security alerts.
- Optionally change your security level or adjust the advanced options to set individual security scanning and protection options for your site.
- Click the "Live Traffic" menu option to watch your site activity in real-time. Situational awareness is an important part of website security.
To install Wordfence Security on WordPress Multi-Site installations:
- Install Wordfence Security via the plugin directory or by uploading the ZIP file.
- Network Activate Wordfence Security. This step is important because until you network activate it, your sites will see the plugin option on their plugins menu. Once activated that option dissapears.
- Now that Wordfence is network activated it will appear on your Network Admin menu. Wordfence Security will not appear on any individual site's menu.
- Go to the "Scan" menu and start your first security scan.
- Wordfence Security will do a security scan all files in your WordPress installation including those in the blogs.dir directory of your individual sites.
- Live Traffic will appear for ALL sites in your network. If you have a heavily trafficked system you may want to disable live traffic which will stop logging to the DB.
- Firewall rules and login rules apply to the WHOLE system. So if you fail a login on site1.example.com and site2.example.com it counts as 2 failures. Crawler traffic is counted between blogs, so if you hit three sites in the network, all the hits are totalled and that counts as the rate you're accessing the system.