Wordfence and JetPack: Turn Jetpacks Brute-Force off?

  • Resolved w-sky

    (@w-sky)


    4 months, 1 week ago

    Maybe a stupid question, but since I am using Jetpack and Wordfence on my site, I am not sure if I should switch Jetpacks Brute-Force protection off when Wordfence Firewall Brute Force Protection is on.

    Maybe it’s safer to use both because one may still work if an attackers learned how to circumvent the other … or maybe it’s a potential conflict source.

Viewing 1 replies (of 1 total)
  • Plugin Support wfmargaret

    (@wfmargaret)

    Hi @w-sky,

    As far as I’m aware, there aren’t any compatibility issues in leaving both active and you should be able to continue to use Jetpack’s brute-force protection without issue. Having said that, we typically advise against using multiple security plugins for the same functionality. The benefits would likely be minimal and there may be a negative performance impact on the site.

    When using Jetpack with Wordfence, we recommend that the “Disable XML-RPC authentication” checkbox in?Wordfence > Login Security > Settings?and any manual?.htaccess?blocking to XML-RPC isn’t in place, as Jetpack uses it.

    Also, if you are using Wordfence 2FA, there is a note before you turn it on to choose the “Skipped” option if you use the WordPress app, Jetpack, or other services that require XML-RPC.

    Please let me know if you have any other questions!

    Thanks,
    Margaret

Viewing 1 replies (of 1 total)
  • You must be logged in to reply to this topic.