Plugin Support
WFAdam
(@wfadam)
Hello @harshalbundiwal and thanks for reaching out!
Wordfence doesn’t hide the directories but it does protect them. What was your goal with hiding them?
You can block anyone who tries to attempt connecting to any certain pages with Wordfence.
The Wordfence Web Application Firewall protects against a number of common web-based attacks as well as a large amount of attacks specifically targeted at WordPress and WordPress themes and plugins. It is set up to run at the beginning of WordPress’ initialization to filter any attacks before plugins or themes can run any potentially vulnerable code.
Let me know if this was helpful!
Thanks!
Thanks for replying, I hope you are doing good.
Can I block people who try to look into my directories?
Can you tell me how can I do that or any documentation is available for the same?
I am currently using a free version of Wordfence.
Looking forward to your reply.
Wish you a great day ahead!
Plugin Support
WFAdam
(@wfadam)
I would be happy to provide you with some information @harshalbundiwal
You can block IPs that attempt to access specified URLs in the All Options > Firewall Options > Advanced Firewall Options > Immediately block IPs that access these URLs section. Just add the directory you want to block from visitors.
https://www.wordfence.com/help/firewall/options/#immediately-block-urls is a good resource for how to block by URL as well.
Thanks again for your support!
Thanks for the reply,
Can you just tell me one more thing,
I just added this URL’s to the Immediately block IPs that access these URLs section
1. wp-content
2. wp-includes
3. wp-admin
Will these create any problem for me running the website or indexing my website?
Plugin Support
WFAdam
(@wfadam)
This allows you to set a trap for bad guys. You can enter a URL that does not exist, for example: /vulnerabilityLivesHere
If anyone tries to access that URL, they are instantly blocked. You have to specify a relative URL. In other words, it must start with a forward slash. Wildcards (*) can be used, if there are visits to multiple bad URLs. For example, if there are visits to /badpage-one/ and /badpage-two/, then entering /badpage-*/ will block both.
If you are using WordPress Multisite * can be used before a URL to match requests on all mapped domains in the Multisite. For example */spammy-page-to-block/ will match domain182738.com/spammy-page-to-block/ and domain12313.com/spammy-page-to-block/ if those are both sites in the same Multisite where Wordfence is installed.
We only recommend this feature if you are trying to catch a specific hacker to block them, or if you are trying to catch hackers that are trying to exploit a known vulnerability or page on your site. Be careful not to visit the banned URL yourself by accident, as you will be blocked instantly.
When blocked via this option, an IP will be blocked for the duration you have specified under “Rate Limiting Rules.”
Hope this helps!
Thanks!
Thanks for the information, added the settings on my website and now I can just relax.
Thanks for the help.
