Hi @alanlaithwaite, thank-you for your excellent review!
We’re always delighted to hear from a customer when the plugin has helped out when needed and has been valuable enough for you to keep running it as a key part of your WordPress site’s security. Each positive review helps other WordPress users make a decision on which plugin they should use, so we appreciate you taking some time to leave this one.
It can be concerning to see a record of the random hits to your site in Live Traffic, or problems raised with currently installed plugin versions but is not a sign you’re doing something wrong. Just remaining vigilant is the best strategy as you’ve been doing.
With WordPress’ popularity across the web, random attempts to exploit sites that use it are widespread too. These are mostly automated attacks that pay no attention to your server platform, installed plugins, version numbers, or valid URLs before trying. They are just looking for easy targets where a vulnerable version of a plugin hasn’t been updated, there are no security measures in place, or an easily guessed username/password combination.
We release the plugin with default settings to consider many server/site and admin experience situations. If you need to look into certain features of Wordfence more, or understand something you’re seeing, you might find our documentation useful going forward: https://www.wordfence.com/help/
Additionally, you might find our free Learning Center helpful when trying to harden your site further or dealing with malware.
Our support forums here on www.remarpro.com are designed for users of the free plugin to seek assistance from members of our team as well as the wider Wordfence community, so feel free to use them if you’ve tried our resources and are still stuck.
I hope that helps you out and all the best going forward with using Wordfence!
Peter.
