How to Set Up a WordPress Firewall Plugin

A WordPress firewall plugin monitors and filters malicious traffic before it reaches your site. It can block SQL injection attempts, cross-site scripting, and brute-force login attacks. dotCanada recommends Wordfence Security as one of the most comprehensive free options available.

Installing Wordfence

  1. In your WordPress dashboard, go to Plugins > Add New.
  2. Search for Wordfence Security.
  3. Click Install Now, then Activate.
  4. Enter your email address when prompted to receive security alerts.

Configuring the Firewall

  1. Go to Wordfence > Firewall in your dashboard.
  2. Click Manage Firewall. The firewall starts in Learning Mode for one week, which allows it to learn your site’s normal traffic patterns before blocking anything.
  3. After the learning period, switch the protection level to Enabled and Protecting.
  4. Review the Blocking tab to see any IPs or countries that have been blocked.

Additional Wordfence Features

  • Rate limiting: Controls how many requests any single visitor can make
  • Login security: Enables 2FA and limits login attempts
  • Live traffic: Shows real-time requests hitting your site
  • Alerts: Email notifications for blocked attacks and plugin vulnerabilities

Wordfence Free is robust for most sites. The paid version adds real-time threat intelligence. If you need help with configuration, contact our support team.

Previous

How to Force HTTPS in WordPress

Next

How to Scan WordPress for Malware

Related Articles

What Is WordPress and Is It Right for Me?How to Install WordPress Using SoftaculousHow to Log Into the WordPress Admin DashboardWordPress Dashboard Overview for Beginners

100% Satisfaction Guarantee

We're so confident you'll love dotCanada that we offer a 30-day money-back guarantee. Not satisfied? Get a full refund, no questions asked.

Ready to Get Started?

Join thousands of Canadian website owners who trust dotCanada for reliable, fast web hosting.

Get Started Today