Blocking Hackers & Spammers in WordPress

June 7, 2017

Welcome to part 3 of our anti-spam guide. If you missed part two, check out part 2 here.

Now let’s talk about how to get rid of bad traffic for good. This will make your site less susceptible to spammers and hackers. After all, if they can’t access your site then they can’t do harm!

Blocking Bad Visitors

A common way to prevent spam is to block abusive visitors. You can completely automate this process by using services like CloudFlare or WordFence.


CloudFlare provides a content delivery network, and best of all, their base package is free! Not only will it speed up your website — it will block abusive visitors from accessing your website. To set up CloudFlare go to and create an account.

Once the account is created you will need to point your domain name servers to run through CloudFlare. This is not for the novice user.


WordFence, in my opinion, is the number one plugin all WordPress websites should have. It helps secure your site against hackers and actively scans for vulnerabilities. The premium version offers automated blocking of abusive visitors from within the WordFence network. The free version will only block visitors that try and hack your website.