Does my static non-blog WP site need a security plugin?

Hi,

If your site is based on WordPress, then you are going to be subjected to attacks all the time. I’d recommend installing Wordfence and giving it a test run for a week. You’ll be amazed at who/what tries to login to your site.

Here are some good resources to explore WordPress security:

From WordPress:

https://codex.www.ads-software.com/Hardening_WordPress

From us:

https://www.wordfence.com/learn/

Thanks,
Brian

Thanks Brian,for your reply and the references. Yeah, I used to have Wordfence, which was great of course, but wondered if I needed all that for my site. Seemed to slow down my page loading or something, so I removed it. But I miss its messages about my needing plugin updates. That was really helpful.

@mariecarm: Yes, it is still important since the site still has plugins and a login form and such — unfortunately, even relatively static sites usually get daily attacks.

If it does seem to slow down page loading speed, you can disable the Live Traffic option (or just disable it if you don’t plan to use it). This feature uses a small script on each page, and on some hosts it may cause a noticeable difference. The rest of Wordfence is quite fast and isn’t likely to make the site slow, but if there is a significant difference in speed, let us know.

-Matt R

Thank you so much, Matt! I’ll do that–disable live traffic. Thanks for the tip! So yes (to myself), I’ll keep Wordfence.