We will introduce several main word options that help ensure the security of the word press website. If wordfence wants to read this article, he decides to protect the site himself. This is a continuation of this article and the WordPress security guide. If you haven’t read it yet, read it now. It will be important to understand the extent of our interpretation. The free plug-in for choosing the security solution \
As with all dashboards that respect the system based male, you can find a summary of the various activities performed by the plug-in on this page. There is a list and status of all active services, as well as services that will be charged. In the thread defense feed you, find the number of attack types that the plug-in defends against. The first and all users’ numbers, and the second is a toll service. Then, we have some statistics on our website, such as the number of intercepted attacks and the report of all global attacks defended by wordfedence. It is also interesting to learn about the countries that have attacked our website and the world You can view the number of blocked IPS and log in attempts. The
Go to the wordfence options panel and specify the settings. On this page, you can enable or disable many features of the plug-in. Enable live traffic view. In fact, wordfence allows you to see all the traffic happening on your site in real time. It is both a basic function and a performance weighting function. Please keep it inactive. It can be activated later if necessary. It is important to ensure that automatic appointment search is enabled. Check for viruses in automatic mode. The
To have wordfence automatically install updates, please \
Male reads the item and enables or disables the item that you want to receive notifications. Be careful not to activate all projects. For options such as notification when non administrator users log in, site users send e-mail each time they log in. Login. Go to the wordfence options section called \
Logically, this option does not apply to plug-ins and themes that are not or have not been purchased in the official repository. Use lower resource search and settings, and consider whether the server is not powerful enough. After activation, the scanning will be prolonged with the passage of time, and there are websites
. Male deny comes from all male files. Save it as htaccess and upload it via FTP to the folder where you want to block the script, such as the WP content \/ uploads folder. Recommendation: use a text editor (such as atom or subsite text) to create this file. The file with a dot at the beginning is a hidden file, so the operating system cannot view it. Instead, you can view it in the FTP editor and on the client, such as FileZilla for uploading to the server. Avoid displaying directory contents (directory list) it is not recommended to have an online server that displays directory contents. After checking other folders, if a list of files, images, and folders is displayed, it must be ed. Add the following line to the htaccess file in the root directory of the site: Options indexes XML-RPC disables the XML-RPC protocol for WordPress remote execution procedures. By default, it is enabled from version 3.4, but this is a factor that may trigger indiscriminate college entrance examination attacks. This agreement need not be activated if: Do not publish to the site through windows live writer. Do not use the WordPress mobile app. Do not use any type of service to connect to your site remotely. In this case, we always encounter files. Htaccess, we need to enter the order deny, all all all all from XX in the root directory of the site. Xxx Xxx If you only want to activate XXX malespecific IP (to replace various XXX), it is allowed to insert on the line.
