Hi @rockinaway, thanks for getting in touch!
We do have plans to allow customization of the Wordfence blocking pages as we appreciate branding or style changes would be desirable by some customers. Currently though, it is not possible to edit the Wordfence blocking pages through the plugin other than add custom text in Wordfence > All Options > Brute Force Protection > Additional Options > Custom text shown on block pages.
In the mean time, our stance on “security through obscurity”, similar to hiding WordPress login pages, or adding obscure database table prefixes is that knowing Wordfence or indeed WordPress is installed on a site is not a security issue in itself. Attackers rarely pre-check for the presence of specific vulnerable plugins or WordPress versions as this takes additional time so will often act in a “hit and hope” manner. If somebody is checking a site, the publicly visible page source or commonly known paths for an open source product such as WordPress would allow them to discover this fairly quickly.
Provided you have 2FA and reCAPTCHA enabled for your administrative accounts – as also recommended by WordPress themselves – and complex passwords set for your cPanel/FTP/database/host etc. then Wordfence will look after your WordPress installation using its extensive database of vulnerabilities, IPs and signatures to detect exploitable plugins, known current “bad” IPs, and malicious files.
I hope that helps you out!
Peter.
