using wordfence with another security plugin

  • Resolved makmerghen

    (@makmerghen)


    5 years ago

    hello
    does wordfence enough for all security issues or installing plugin that hide wordpress directories and change admin url login will be benefit if installed along with wordfence
    or that not good ?
    if it is good please recommend name of hide wp plugin that is compatible with wordfence

    regards

Viewing 8 replies - 1 through 8 (of 8 total)
  • WFGerroald

    (@wfgerald)

    Hey @makmerghen,

    I wouldn’t recommend changing the wp-login slug. This can break WordPress, plugins and themes. It really doesn’t have as much security value as you’d think. There’s more on the subeject below from our CEO.

    https://www.wordfence.com/blog/2017/10/should-you-hide-wordpress-login-page/

    Please let me know if you have any questions.

    Thanks,

    Gerroald

    Thread Starter makmerghen

    (@makmerghen)

    thank you for your advise
    1- you told that it is not good to change wp-login slug
    some plugin do the next first you must add different login url as example yoursite.com/wp-anything after you do that and insert username and pass word you find your self login to the site under yoursite.com/wp-admin

    2- regarding the plugins who completely hide WordPress core files, theme and plugins paths from being show on front side.

    is that useful if used along with wordfence or what you recommend ?

    regards

    WFGerroald

    (@wfgerald)

    Hey @makmerghen,

    These are all security through obscurity techniques. While they sound like they have great security benefits, they really don’t. When a malicious script is scanning your site/server it doesn’t care or look to see what version of WordPress you’re using, or even if you’re running WordPress. It’s basically a mindless bot that’s looking for the particular vulnerability it was programmed for. If it doesn’t find it, it’ll move on.

    With this said, if you’d like to implement these on your site it’s just fine to do so as long as it doesn’t conflict with anything. But I’d definitely suggest relying on real security measures such as Two-Factor and strong passwords to protect your site.

    If you have any other questions, please let me know.

    Thanks,

    Gerroald

    Thread Starter makmerghen

    (@makmerghen)

    so please confirm using wordfence with the option of 2 factor is enough ?

    WFGerroald

    (@wfgerald)

    Hey @makmerghen,

    This is a personal preference. If the plugins you’d like to use to hide the login pages and WordPress references don’t interfere with the site functionality, then it’s just fine to use them. I, personally, do not use these types of features on my sites. Two of the best security measures you can take are Two-Factor and Strong Passwords. I use both of these on all of my sites.

    So, yes, I believe using Two-Factor and Strong Passwords without the security through security techniques is just fine.

    Thanks,

    Gerroald

    Thread Starter makmerghen

    (@makmerghen)

    thank you for your patient and helping
    best regards

    WFGerroald

    (@wfgerald)

    Hey @makmerghen,

    No problem at all, it’s what we’re here for!

    Please do let us know if you have any other questions, or if something comes up.

    Thanks,

    Gerroald

    Thread Starter makmerghen

    (@makmerghen)

    dear I have an issue want you to clear it to me
    now when using 2FA when try log in using wp-admin then the 2fa work and ask me to enter the authentication numbers I got in mobile
    but
    if I use login form the created using forms plugin such as ultimate member
    and then i add my admin username and password then it go directly to admin area without asking for mobile authentication code

    is that normal or there are some thing wrong or there are some thing need to to be done ?
    regards

Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘using wordfence with another security plugin’ is closed to new replies.