Are you the publisher? Claim or contact us about this channel


Embed this content in your HTML

Search

Report adult content:

click to rate:

Account: (login)

More Channels


Channel Catalog


    0 0

    Replies: 0

    My problem is with wordfence.com. I know the email I’m using is right because I keep getting all the Wordfence alerts to that email (as early as one minute ago). But when I enter it into the ‘forgot password’ field, it tells me there is no such email/username. Does anyone have that problem?
    Thanks!


    0 0

    Replies: 0

    One of my customers is being told by her hosting company that she’s using too much CPU usage. Their recent email included this excerpt from their server logs. They manually blocked this IP address. Can you tell me why WordFence didn’t block it?

    Domlogs:
    =======
    /opt/hosting/logs/domlogs/domainname.com:204.12.255.130 – – [26/Sep/2016:20:15:14 -0700] “POST //xmlrpc.php HTTP/1.1” 301 304 “-” “-”
    /opt/hosting/logs/domlogs/domainname.com:204.12.255.130 – – [26/Sep/2016:20:15:14 -0700] “POST //xmlrpc.php HTTP/1.1” 301 304 “-” “-”
    /opt/hosting/logs/domlogs/domainname.com:204.12.255.130 – – [26/Sep/2016:20:15:14 -0700] “POST //xmlrpc.php HTTP/1.1” 301 304 “-” “-”
    /opt/hosting/logs/domlogs/domainname.com:204.12.255.130 – – [26/Sep/2016:20:15:14 -0700] “POST //xmlrpc.php HTTP/1.1” 301 304 “-” “-”
    /opt/hosting/logs/domlogs/domainname.com:204.12.255.130 – – [26/Sep/2016:20:15:14 -0700] “POST //xmlrpc.php HTTP/1.1” 301 304 “-” “-”
    /opt/hosting/logs/domlogs/domainname.com:204.12.255.130 – – [26/Sep/2016:20:15:14 -0700] “POST //xmlrpc.php HTTP/1.1” 301 304 “-” “-”
    /opt/hosting/logs/domlogs/domainname.com:204.12.255.130 – – [26/Sep/2016:20:15:14 -0700] “POST //xmlrpc.php HTTP/1.1” 301 304 “-” “-”
    /opt/hosting/logs/domlogs/domainname.com:204.12.255.130 – – [26/Sep/2016:20:15:14 -0700] “POST //xmlrpc.php HTTP/1.1” 301 304 “-” “-”
    /opt/hosting/logs/domlogs/domainname.com:204.12.255.130 – – [26/Sep/2016:20:15:14 -0700] “POST //xmlrpc.php HTTP/1.1” 301 304 “-” “-”
    /opt/hosting/logs/domlogs/domainname.com:204.12.255.130 – – [26/Sep/2016:20:15:14 -0700] “POST //xmlrpc.php HTTP/1.1” 301 304 “-” “-”
    /opt/hosting/logs/domlogs/domainname.com:204.12.255.130 – – [26/Sep/2016:20:15:14 -0700] “POST //xmlrpc.php HTTP/1.1” 301 304 “-” “-”
    /opt/hosting/logs/domlogs/domainname.com:204.12.255.130 – – [26/Sep/2016:20:15:14 -0700] “POST //xmlrpc.php HTTP/1.1” 301 304 “-” “-”
    ======

    Also, back in March, this same issue arose with XMLRPC and the hosting company added this to .htaccess which I thought was supposed to prevent it from happening again:

    <IfModule mod_alias.c>
    Redirect 301 /xmlrpc.php http://127.0.0.1
    </IfModule>

    Any tips are welcome. We don’t understand why WordFence didn’t step in.


    0 0
  • 09/27/16--07:30: Wordfence Reporting Times
  • Replies: 0

    Hello,
    I noticed that when Wordfence reports it’s “Recently Modified Files” the times its reporting are 5 hours later than the actual server time. For example server will show 12:19pm and Wordfence will show 5:19pm. Is there a way to change/alter the times Wordfence is reporting to match server times?

    Thanks
    Clint


    0 0
  • 09/27/16--10:28: Wordfence Scan Results
  • Replies: 0

    Hello,
    Just curious why does Wordfence Scan, with High Sensitivity scanning enabled, show the file listed below as not being a core file? It shows the warning shown below when scanning the root site on my shared server. I should also add, that when scanning the root site it only shows this warning for all sites that are not the root site, and does not show this warning for my root site. However, when scanning the individual non-root sites this warning does not appear.

    I am also curious to know, if you scan the root site on a shared server, does it accurately scan all of my other sites on that shared server? Will the root site scan results for the additional sites be the same as an individual scan on the other non-root sites?
    Thanks
    Clint

    This file may contain malicious executable code: /public_html/site.com/wp-admin/includes/class-pclzip.php
    Filename: site.com/wp-admin/includes/class-pclzip.php
    File type: Not a core, theme or plugin file.


    0 0

    Replies: 0

    Greetings all. We have a new Wordfence version today, version 6.2.0. This release has some great scan engine improvments so please update as soon as you are able.

    • Improvement: Massive performance boost in file system scan.
    • Improvement: Added low resource usage scan option for shared hosts.
    • Improvement: Aggregated login attempts when checking the Wordfence Security Network for brute force attackers to reduce total requests.
    • Improvement: Now displaying scan time in a more readable format rather than total seconds.
    • Improvement: Added PHP7 compatible .htaccess directives to disable code execution within uploads directory.
    • Fix: Added throttling to sync the WAF attack data.
    • Fix: Removed unnecessary single quote in copy containing “IP’s”.
    • Fix: Fixed rare, edge case where cron key does not match the key in the database.
    • Fix: Fixed bug with regex matching carriage returns in the .htaccess based IP block list.
    • Fix: Fixed scans failing in subdirectory sites when updating malware signatures.
    • Fix: Fixed infinite loop in scan caused by symlinks.
    • Fix: Remove extra slash from “File restored OK” message in scan results.

    Thanks everyone for great comments and suggestions. Send any of those you might have to feedback@wordfence.com and someone will get back to you.
    Keep in mind, the feedback address is not a place to request support.
    Also, no support questions will be answered in this thread.
    Free support requests can be posted at https://wordpress.org/support/plugin/wordfence
    Our premium customers can open a ticket at http://support.wordfence.com


    0 0
  • 09/27/16--12:43: Free Version Not Working
  • Replies: 3

    Web Host SG and Sucuri find malware. Why can’t Wordfence find the same issues?

    Site is using ssl, everything stays updated.

    Any idea why the wordfence scan can’t detect the malware detected by my host and sucuri?


    0 0

    Replies: 2

    Dashboard said Wordfence needs update. I clicked update now. Update failed. Tried to reinstall wf, got “Installation failed: Destination folder already exists.”

    Wf was running perfectly a long time (thanks!!). Please advise how do I reinstall and also recover previous wf settings?


    0 0

    Replies: 1

    Hi,
    I just get on my wordpress website fatal error.

    Fatal error: Call to a member function attach() on a non-object in /nfsmnt/hosting1_1/0/8/088e26d4-3a3e-4f67-aba6-0679a75658fa/kritickemyslenie.sk/web/wp-content/plugins/wordfence/waf/bootstrap.php on line 233

    I can’t login to admin, I can’t view my website
    Please could anybody help me? What should I do?

    Thanks


    0 0
  • 09/28/16--00:24: Links to WF documentation
  • Replies: 2

    Hi there,

    Not really a big issue, but when I click on a link (the little blue circle with ‘i’) within WF settings/options, it directs me to the main/home page of the documentation and I still have to scroll to the relevant entry. However, if I hover on the blue circle, it shows a link to the sub entry, but clicking it takes me to the main page. Yes, I cleared cookies and cache, for wordfence.com

    It’s been like this for a while now, when previously it directed to the relevant entry.

    Many thanks,

    Sean.


    0 0

    Replies: 1

    Hi, I updated Wordfence to 6.2 and now it gives me again the MySQL warnings that were solved in version 6.16/17. I already activated the new “use low resource” option.

    ========================================================================
    [Sep 28 11:25:04] Warning: mysqli_query(): MySQL server has gone away in /home/xxx/domains/xxx.it/public_html/wp-includes/wp-db.php on line 1868 Warning: mysqli_query(): Error reading result set’s header in /home/xxx/domains/xxx.it/public_html/wp-includes/wp-db.php on line 1868
    [Sep 28 11:25:25] Warning: mysqli_query(): MySQL server has gone away in /home/xxx/domains/xxx.it/public_html/wp-includes/wp-db.php on line 1868 Warning: mysqli_query(): Error reading result set’s header in /home/xxx/domains/xxx.it/public_html/wp-includes/wp-db.php on line 1868 Fatal error: Call to a member function bind_param() on a non-object in /home/xxx/domains/xxx.it/public_html/wp-content/plugins/wordfence/lib/wfConfig.php on line 487
    ========================================================================

    Do you have any suggestion on how to fix it? Thank you.


    0 0

    Replies: 2

    Hello,

    I would like to update wordfence, and it is not working.

    I test as well with localhost…

    All the plugins is deactivated

    The message error : see your Firewall etc..

    I also deactivated in the parameters of W 10 the firewall… but nothing changes

    Have you got an idea

    Best regards


    0 0
  • 09/28/16--07:52: Version check not right
  • Replies: 0

    I get a message by Wordfence: The Plugin “Wordfence Security” needs an upgrade (6.1.17 -> 6.2.0). But I already did the upgrade and in the plugin list it says version 6.2.0. How can I fix this?


    0 0
  • 09/28/16--07:54: PressThis and Firewall
  • Replies: 0

    When I trigger the PressThis script, WF firewall flags its and there is a checkbox to approve. This is fine. But it comes up everytime I use PressThis. How do I configure to accept forever?


    0 0

    Replies: 0

    Hi… Scans stopped misteriously on August 26
    Scheduled Wordfence scans are stacking after this day but Scans summaries stopped that day.
    Tried Start all scans remotely… nothing (and option doesnt save i dont know why), Ticked scans remotely, you save changes, says options saved, reload the page and the option is unticked once reloaded the page
    Network ips not blocked
    Repaired tables… nothing
    The only references in error_log to the plugin is some GET /wp-admin/post-new.php HTTP/1.1″ 302 435 “http://elgranodemostaza.com/?_wfsf=unlockEmail

    What is happening… thanks in advance


    0 0

    Replies: 0

    I’ve been working with Advanced Blocking for a while and have some suggestions:

    • Sort the “Current list of ranges and patterns you’ve blocked” by IP range
    • Prevent adding a duplicate IP range
    • Show date blocked
    • Integrate the listing / UI with the “Manually blocked IPs”