Hey, it's Rob cabin here. So it's been a week since I installed the wordfence security plugin on this websites. And I just want to show you that if you do install the wordfence security plug in to your site, then you should always check back a week later, because you want to see that the web application firewall is enabled. And sure enough, we've come back here a week later. And you can see here the firewall status is enabled and protecting. And the protection level is extended protection.

This is exactly what you want. For the first week, it would have been in learning mode. Remember, in learning mode, you make sure you don't post anything to the site. You just leave the site alone so the software can identify normal website traffic and that's how it creates the protection. So you're being protected from Bruce attacks, you're being scanned against known vulnerabilities and the wordfence security plugin is doing its job. Well, now that we've set it up in the way that we have, and this is something that will take you five minutes, and you just go back a week later.

And that's all you have to do you have all that protection, a very high range of protection. And if you do this plus the other basic security procedures, then you'll go a long way to protecting your WordPress sites. So now I'm here I just want to show you a couple of emails that I got. Remember, we went into wordfence options, and then scroll down into advanced options alerts. Now you can control which emails you get. And as you remember, I like to get quite a lot of emails, especially when I first set up the wordfence security plugin, because it's just so helpful to see what going on with the site, and how the plug in is helping.

So let's have a look at a couple of these emails to show you the sort of things you find out. So this is an email I received from this particular site. So this is in the first week. And we see that an IP had been blocked. Why? Because it had tried to log in with the username admin, as you can see here.

And we know that that would have to be a malicious attack, an attempt at a brute force login, because we don't, of course, use that login. And no members of my team would try to gain access to the site with that last login. So it has to be a hacker, and the IP address has been blocked. So there's a bit of information about what the plugin is doing. You don't have to do anything. It's just information for you.

If you don't want to receive that email, then of course, you can look under alerts and you can see this one alert when an IP address is blocked. So you could uncheck that If you're getting too many of those email, similarly, I do like if you scroll down the email summary, I like to receive an email summary once a week from the size that the wordfence security plugin is protecting. And this gives me some information about what's going on there. And I'll show you an example of this email here. So it will tell you how many IPS are being blocked and what the countries the countries where the IPS are from. And it's a frightening number of IPS that are being blocked on these very small sites.

But I wanted to call your attention to this failed logins usernames. And remember I said that with these brute force attacks that you are using every day, increasingly sophisticated software, in order to hack into your sites, dictionary attacks, where they try and guess usernames and passwords that are most common. So remember, we can't use the obvious ones like admin test WordPress websites as your username. But you really should not use the obvious usernames as well don't use your first name and last name. And don't use your first name and last name with a note of digits, don't use the name of the site or the URL, the domain of the size in any particular combination, because look what they're doing here. They're trying to guess people's names.

They're using common first names with well not so common last names with a load of numbers as well. So if you think that your website is too small, and is under the radar of hackers, then I'm afraid you might be mistaken. These are very warped small websites that I'm protecting with wordfence security plugin. And let me tell you, the hackers don't care who you are. You could be a nonprofit, you could be a rich company. You could be a tiny little website.

They just want to go out and hack sites so they get money. From backlinks and from other reasons why they want to maliciously enter your site, and they don't care who you are, and they will use this software towards you towards these small sites. So if you're using anything like guessable, easily memorable username or password, then I suggest you change it. Now, here is the proof why you need to do that. So I hope that's helped you. wordfence security plugin takes five minutes to set up, and that along with the other obvious security precautions will go an extremely long way to protecting your WordPress website and your business from a malicious attack.

My name is Rob Carmen, I'll see you in another video.