Hi, longtime WF user and pro blogger here.
Mainly, disable scans, or disable most of the scanning options as well as taking care with what exactly is being scanned. The only real reason in my opinion to buy the Premium version is you can schedule scans. I found that to not be worth the money, instead I just configure the scans so they use minimal resources. For example, be careful with what exactly is being scanned on your server, such as your images. In our case we have tens of thousands of images, scanning them more than a few times a year would be ludicrous.
Other than that, step through the “All Options” page and work on things that are ways to optimize, such as “Update interval in seconds.” As well as the “Performance Options”
Test your site with and without Wordfence. In my case, I found that without scanning, Wordfence was quite efficient. As always with plugins, it’s necessary to prioritize what is important, as most plugins are junk shows that not only use bandwidth, but are attack surfaces and will probably at some point become orphaned _after_ you structure your entire website to depend on them.
By the way, in terms of your hosting resources you might also consider how much bandwidth is being used by bots banging away at your site. Block using aggressive frequency blocking in Wordfence, as well as country blocking using either Premium Wordfence, or IQ Block Country. IQ works well. I also recommend WPS Hide Login just to reduce the confusion.
MTN
Plugin Support
wfphil
(@wfphil)
Here are some instructions for improving the performance of Wordfence.
1) Check to make sure the server software is up to date. At Wordfence we suggest using at least PHP 5.6 in order to keep your site stable and secure (preferably PHP 7 due to improved performance). PHP versions lower than 5.6 are no longer supported by the developers of PHP and unless they are properly patched they can contain security holes. You can see more information about supported versions of PHP in the link below:
https://en.wikipedia.org/wiki/PHP#Release_history
2) Turning off automated scans may help, but be aware that you will then not be notified if malware appears on your site because Wordfence will not be able to detect it.
3) To limit the scans activity you can disable these scan options:
* Scan theme files against repository versions for changes
* Scan plugin files against repository versions for changes
* Scan files outside your WordPress installation
* Scan images, binary, and other files as if they were executable
* Enable HIGH SENSITIVITY scanning (may give false positives)
These options are disabled by default for a Standard Scan and are only enabled for a High Sensitivity scan. A High Sensitivity scan is to be used if your site is already showing signs of an infection.
Enable this option
* Use low resource scanning (reduces server load by lengthening the scan duration)
4) You can also disable the “Live Traffic” feature. If you want to keep using the “Live Traffic” feature you can increase the value in the option “Update interval in seconds” to say 15. This will allow you to still see current activity on the site, just with a longer delay. This option is in the “General Wordfence Options” section on the Wordfence “All Options” page.
Thanks.
Thread Starter
Anonymous User 15521305
(@anonymized-15521305)
@wfphil Thanks.
1) My php version is 7.2
2) Not yet tried
3) I’ve followed your instructions
4) I’ve followed your instructions.
Thanks. Recently, I’ve tried to investigate which plugins cause many generated processes. I will tell you if anything improved.
Hi @topsan123
Since we haven’t heard from you for a while I’m going to go ahead and resolve this thread. If you have any other questions or concerns, don’t hesitate to open a new one.
Thanks.
