I first realized how much I appreciate Wordfence when WebHostingHub told me I had excessive activity on my server and I would have to disable Wordfence. That’s when I decided my relationship with WebHostingHub would be a short one.
Wordfence is a free security plugin for WordPress sites. I’ve been using Wordfence ever since my first visit from someone searching for TimThumb vulnerabilities on my site. At that time I had no clue what I was looking for but I wanted my site protected and Wordfence promised to do a lot of seemingly good things.
Wordfence does scan for TimThumb vulnerabilities but it also logs all 404 events and all attempted login errors. It scans all your WordPress files and plugins and compares them to the ones on the WordPress site. It also checks your password just to make sure it has sufficient complexity.
What I did not expect was that Wordfence made it easy for me to track down some issues on my website. If you look at my comments section, you’ll notice that there is a small text bubble preceding each comment. It’s very easy to miss and the first few versions of my theme did not show it. What I did see was a log entry from Wordfence for every visitor trying to load a file called bubble.png. It turned out my theme was being distributed with a misnamed file. When I renamed it, the text bubble started showing up and Wordfence quit logging people trying to download a non-existent file.
When the log shows several people having problems finding a file, I know I have a bad link. It happens. When I see the same IP address trying to access several files that aren’t on my site, I know they’re probing my site for vulnerabilities. Wordfence makes it incredibly easy to ensure they no longer visit me using that IP address. I select Block under the address and that address can’t access my site for the next 10 days. This gives me time to see if they’re listed on any of the sites tracking that kind of behavior. The usual answer is yes and I permanently block them.
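The two 404 patterns described above can be told apart mechanically. The following is an added example, not code from the original post or from Wordfence: it assumes a common-format web server access log, and the thresholds, function name and sample lines are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample access-log lines; IPs come from documentation ranges.
SAMPLE_LOG = """\
198.51.100.7 - - [12/Mar/2013:10:01:02 +0000] "GET /wp-content/themes/mytheme/bubble.png HTTP/1.1" 404 312
203.0.113.20 - - [12/Mar/2013:10:03:10 +0000] "GET /wp-content/themes/mytheme/bubble.png HTTP/1.1" 404 312
192.0.2.44 - - [12/Mar/2013:10:05:45 +0000] "GET /wp-content/themes/mytheme/bubble.png HTTP/1.1" 404 312
192.0.2.99 - - [12/Mar/2013:10:06:00 +0000] "GET /thumb.php HTTP/1.1" 404 312
192.0.2.99 - - [12/Mar/2013:10:06:01 +0000] "GET /backup.zip HTTP/1.1" 404 312
192.0.2.99 - - [12/Mar/2013:10:06:02 +0000] "GET /test.php HTTP/1.1" 404 312
192.0.2.99 - - [12/Mar/2013:10:06:03 +0000] "GET /index.php HTTP/1.1" 200 5120
198.51.100.7 - - [12/Mar/2013:10:07:00 +0000] "GET /about/ HTTP/1.1" 200 2048
"""

# client IP, requested path, HTTP status
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (\S+)[^"]*" (\d{3}) ')


def classify_404s(log_text, min_ips=3, min_paths=3):
    """Separate broken links from probing, using only 404 entries.

    A path missed by at least min_ips different visitors is a broken link.
    An IP missing at least min_paths different paths is probing.
    Both thresholds are assumptions; tune them to the site's traffic.
    """
    ips_by_path = defaultdict(set)
    paths_by_ip = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or m.group(3) != "404":
            continue  # skip unparsable lines and successful requests
        ip, path = m.group(1), m.group(2)
        ips_by_path[path].add(ip)
        paths_by_ip[ip].add(path)

    broken = {p for p, ips in ips_by_path.items() if len(ips) >= min_ips}
    # Misses on a known broken link do not count against a visitor.
    probers = [ip for ip, paths in paths_by_ip.items()
               if len(paths - broken) >= min_paths]
    return {"broken_links": sorted(broken), "probing_ips": sorted(probers)}


if __name__ == "__main__":
    print(classify_404s(SAMPLE_LOG))
```
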
I also use the block feature for people trying to log into my administrator account. Several of them have made over 800 attempts even after being blocked. Wordfence will automatically block an account for too many attempts with a bad password (it’s a bad idea to forget your password) or attempting too many non-existent locations in a given period of time.
I mentioned that I use the free version of Wordfence. They also offer a premium version with a yearly fee. The premium version goes a little deeper into scanning for vulnerabilities, allows you the ability to schedule your daily scan and allows you to block IP addresses by country.
Until I started this blog I never considered how international the net is. On a daily basis I get hits from Canada, UK, Australia, Italy, Ukraine, China and Russia to mention a few. A few of them actually seem to be reading my posts. Most are simply crawling my website for pictures or keywords. Then there’s a very few that seem intent on hacking into my site. It seems to change over time but this month Ukraine and France seem to be having a hacking contest with my site as one of the lesser goals.
There may actually be someone in France or Ukraine that would enjoy reading my posts but their fellow countrymen are making Wordfence Premium look very attractive.
Decisions, decisions, Wordfence or WebHostingHub? I’ve made a compromise by turning off the automatic scanning but the decision to move is not that hard. Opinionbypen.com has been on GoDaddy for the last 10 months and I’ve been very happy with their performance. It looks like my next adventure will be moving Fromthedoghouse.com to GoDaddy.
© 2013 – 2019, Byron Seastrunk. All rights reserved.
I found your site by chance Googling for what to do with folks who attempt to log into my website using Admin as the User Name. Wordfence is great in identifying the source and yes, today I had log in attempts within a span of 3 hours from France and Ukraine. Amazing!