1. What is Wordfence for WordPress?
Wordfence is a plug-in (an extension) that we can install for you in WordPress. We work with the Premium version of this plug-in and will briefly explain it on this page. Wordfence is a combination of a firewall and a malware scanner. It has been specially developed to protect WordPress websites against unwanted intruders (hackers).
Through a ‘Threat Defense Feed’, Wordfence is continuously updated with the latest features of malware, new rules for the firewall and a blacklist of IP addresses known to be used by hackers to attack websites. The ‘Threat Defense Feed’ is thus a constantly updated list that Wordfence uses to recognize and prevent attacks.
The Wordfence scanner checks all WordPress core files, templates and plug-ins for malware. Wordfence checks for SEO spam, suspicious URLs, malicious redirects (redirecting to non-existent or infected pages) and compares WordPress files with those of the official version. As a result, the scanner will notice when modifications are made to important WordPress files.

3. Wordfence supports 2FA to log in
Maybe you already know 2FA from your bank or another institution where it is becoming more and more common. 2FA stands for two factor authentication and means that you use 2 passwords or codes to log in. This is now also possible for WordPress, via the Wordfence plug-in that we offer as an option on our websites.
It works as follows. You choose a secure username and password to log in to the backend (the backend of WordPress that the user does not see, but where you add pages and content). Then an extra screen appears asking for a code. This is the second authorization required before you can access WordPress. This code is randomly created by an app on your smartphone. An example of such an app is Google Authenticator. After you’ve added your account, the app will create codes that change all the time. As soon as you’re asked for it, type in the code that’s currently in the app and you’ll get access to WordPress.
Because the app is on a different device (your smartphone instead of your PC or laptop) and by quickly randomly generating the login code, this way of logging in offers extra protection against unwanted access to the WordPress backend.
