Does wordfence protect any website hosted inside the wordpress directory

  • Resolved pao2

    (@pao2)


    1 month, 3 weeks ago

    For example an unrelated phpBB board installed within the directory of a wordpress site where wordfence is installed. Does the parent wordfence protect the board against, say, brute force logins?

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @pao2, thanks for your question.

    Wordfence will still scan and look for malicious code in an entire folder if Wordfence > All Options > General Options Scan files outside your WordPress installation is selected. Anything hit in that directory should still also benefit from Rate Limiting and other general protection when your domain is hit.

    However, you may find that Brute Force and Login Security options may only work for default WordPress/WooCommerce login and registration pages rather than any others you have outside of your installation. You may need to run some tests to see if anything comes up in Live Traffic when your phpBB site is accessed to decide whether you need to harden any entry points separately there.

    Many thanks,
    Peter.

    Thread Starter pao2

    (@pao2)

    Anything hit in that directory should still also benefit from Rate Limiting and other general protection when your domain is hit.

    Does that include wordfence’s real-time blocking of malicious user agent/signature patterns etc?

    Plugin Support wfpeter

    (@wfpeter)

    Hi again @pao2,

    So long as your phpBB board is accessible in a browser from the same domain as your WordPress site, the firewall should check every page load as usual. If the firewall is optimized, the usual checks will still happen before any content is served to the end-user.

    Thanks,
    Peter.

Viewing 3 replies - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.

Tags