Wordfence Settings and blocking URLs – firewall

On the free version of Wordfence, I have found that it works well to have certain configurations to save time.

Options that are set on all of my sites:

ALL OPTIONS > VIEW CUSTOMISATIONS (tick all three of the boxes so that you can access options quickly from the dashboard).

FIREWALL OPTIONS > BRUTE FORCE PROTECTION: I set it to lock out after 5 login failures and 3 forgotten password attempts, counting failures over a time period of 1 hour. The amount of time a user is locked out is 5 days, or longer if it is a site that is not accessed regularly for commerce (maybe a month for a personal blog site). Immediately block common login usernames, as these will be used by bots to attempt to access your site:

  1. root
  2. test
  3. oracle
  4. admin
  5. user
  6. postgres
  7. guest
  8. nagios
  9. mysql
  10. tomcat
  11. student
  12. Cyrus
  13. mythtv
  14. administrator
  15. temp
  16. apache
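
To see how these thresholds interact, the following added example (not Wordfence's own code, and not from the original post) replays a list of failed logins against a simplified model of the policy above. The event format, the sample IP addresses and usernames, and the case-insensitive username match are assumptions made for the illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Values taken from the settings described above.
MAX_FAILURES = 5
WINDOW = timedelta(hours=1)
LOCKOUT = timedelta(days=5)
BLOCKED_USERNAMES = set(
    "root test oracle admin user postgres guest nagios mysql tomcat "
    "student cyrus mythtv administrator temp apache".split()
)

def evaluate(events):
    """Replay (time, ip, username) failed logins, given in time order.
    Returns a list of (time, ip, reason) lockout decisions."""
    failures = defaultdict(deque)   # ip -> times of recent failures
    locked_until = {}               # ip -> end of the current lockout
    decisions = []
    for ts, ip, user in events:
        if ip in locked_until and ts < locked_until[ip]:
            continue                # already locked out, attempt is ignored
        if user.lower() in BLOCKED_USERNAMES:  # assumption: case-insensitive
            locked_until[ip] = ts + LOCKOUT
            decisions.append((ts, ip, f"blocked username '{user}'"))
            continue
        recent = failures[ip]
        recent.append(ts)
        while ts - recent[0] > WINDOW:  # drop failures older than 1 hour
            recent.popleft()
        if len(recent) >= MAX_FAILURES:
            locked_until[ip] = ts + LOCKOUT
            decisions.append((ts, ip, f"{MAX_FAILURES} failures within 1 hour"))
            recent.clear()
    return decisions

# Constructed sample data (documentation IP ranges, made-up usernames).
T0 = datetime(2024, 1, 1, 9, 0)
SAMPLE = sorted(
    [(T0, "203.0.113.10", "admin")]
    + [(T0 + timedelta(minutes=10 * i), "198.51.100.7", "alice") for i in range(5)]
    + [(T0 + timedelta(minutes=45 * i), "192.0.2.5", "bob") for i in range(5)],
    key=lambda event: event[0],
)

if __name__ == "__main__":
    for when, ip, reason in evaluate(SAMPLE):
        print(when.isoformat(), ip, reason)
```

The third address makes five failed attempts but spaces them 45 minutes apart, so it never reaches 5 failures inside one hour and is not locked out by this policy.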

On a regular basis, you need to update the BLOCKING URLs. This can be done via the email (although I find that on some occasions, no emails are sent by the site).

If you find that no emails are being sent by the site, go to LIVE TRAFFIC (from the site dashboard). Select the Blocked by firewall list, then scroll down and click block on any that have not been blocked. After doing this, scroll down to the Blocked list and do the same. Lastly, check the locked out list (make sure not to block yourself or any other user that is in the same location as you are). Finally, go to the BLOCKING section on the dashboard, select all of the URLs and click “make permanent”.