Hi @mayank2021, thanks for getting in touch and I’m glad to hear the early thoughts are so positive!
You are most likely receiving these emails because “Alert me when someone with administrator access signs in” is set in Wordfence > All Options > Email Alert Preferences. You can turn this off altogether, or set the “Only alert me when that administrator signs in from a new device” so you only get notified if your credentials have been used from a different device to your usual one.
In reference to visits, you can always check your Rate Limiting and/or Brute Force settings to increase time that blocks are implemented for, increase or decrease the strictness that causes blocks. However, Wordfence will generally do all of the important blocking for you so that you don’t have to. It may be tempting to permanently block these attempts when you see them but it’s generally an ineffective strategy and takes up your time, so please consult the following links for more information:
https://www.wordfence.com/blog/2017/11/should-permantly-block-ips/
https://www.wordfence.com/help/blocking/#ip-address
Litespeed Cache isn’t an alternative to Wordfence, as it concentrates around site speed and optimizing resources so the use of this on your site is entirely up to you.
Wordfence does not provide “analytics” as such but the Live Traffic page updates in real-time. This can be set to “ALL TRAFFIC”, which will show more than just security events, but all page hits on your site as they are happening. Naturally this takes more resources to store but can always be turned off at a later date.
I hope this helps you out, have fun using Wordfence!
Thanks,
Peter.
Thanks a lot @wfpeter for indepth response & links.
Rest all solved with just 1 exception, RATE LIMITING – i tried to bring limit for “If a crawler’s pages not found (404s) exceed” to 30 ( as suggested in a wordfence youtube video – they said even to try 15) but then wordfence gave caution – “Very strict. May cause false positives”. So i fixed it at 60.
Similarly i fixed 60 for “If a human’s pages not found (404s) exceed” bcs again it gives caution below this, however for humans even 15 is too much in a minute!
So, What’s the final verdict?
Hi @mayank2021,
Ultimately the settings are up to you. With the warning message, it is just there to remind you that legitimate visitors may experience blocks under stricter settings. I don’t see a problem with testing it at the lower number that you prefer for a period – like you say, 15 hits in a minute could be considered excessive – but if you notice that Live Traffic starts reporting a lot of human blocks, or you receive complaints from a visitor that they were blocked from your site, then the number could always be increased again.
Thanks again,
Peter.
