Quantcast
Channel: WordPress.org Forums » [Wordfence Security - Firewall, Malware Scan, and Login Security] Support
Viewing all 33169 articles
Browse latest View live

Wordfence disappeared from my site

September 11, 2018, 3:49 am
$
0
0

Replies: 0

This morning I got a “Wordfence activity for September 10th” and it listed some Recently Modified Files and just looking I knew I had a problem. I checked on my host via C panel and sure enough, a folder had appeared in my public_html. This had happened once before, I found 6 additional folders, and in fact, that is what prompted me to install Wordfence in the first place.

I went to the dashboard of my site to see what I could do and Wordfence was gone, nothing in the sidebar, not listed in the plugins, active or otherwise, just completely gone.

At my host all I can find is a file called “wordfence-waf.php” in the public_html folder but no reference to wordfence in the plugins folder.

Any assistance would be greatly appreciated.

Search

Custom Login Page and Wordfence

September 11, 2018, 2:55 pm
$
0
0

Replies: 0

Hello

I have changed my Login Page URL on code without a plugin.

I have installed Wordfence and also change the entries from the wp-login.php to my custom login page in the plugin code.

When Wordfence will be updated, do I have to replace it again?

Thank you very much in advance
I’m pretty new to WordPress.

Best regards,
Ines

Fatal error: Class ‘GeoIp2\Database\Reader’

September 11, 2018, 4:41 pm
$
0
0

Replies: 0

Hello, I have used wordfence for years and I have never had problems. But today I found the plugin disabled and activating it indicates the following error:

https://pastebin.com/ugM9QgAx

I have deleted the wordfence folder and I have reinstalled it (latest version) but the error continues. Which may be due?

Thanks and regards.

Wordfence version 7.1.12 now released!

September 12, 2018, 9:42 am
$
0
0

Replies: 0

Greetings all. We have a point release for Wordfence today, version 7.1.12. Please update as soon as you are able.

  • Improvement: Updated bundled GeoIP database.
  • Improvement: Restructured the WAF configuration storage to be more resilient on hosts with no file locking support.
  • Change: Moved the settings import/export to the Tools pages
  • Change: New installations will now use lowercase table names to avoid issues with some backup plugins and Windows-based sites.
  • Fix: The notice and repair link for an unreadable WAF configuration now work correctly.
  • Fix: Improved appearance of some stat components on smaller screens.
  • Fix: Fixed duplicate entries with different status codes appearing in detailed live traffic.
  • Fix: Added better caching for the breached password check to compensate for sites that prevent the cache from expiring correctly.
  • Fix: Changing the frequency of the activity summary email now reschedules it.

Thanks everyone for great comments and suggestions. Send any of those you might have to feedback@wordfence.com and someone will get back to you.
Keep in mind, the feedback address is not a place to request support.
Also, no support questions will be answered in this thread.
Free support requests can be posted at https://wordpress.org/support/plugin/wordfence
Our premium customers can open a ticket at http://support.wordfence.com

Update creates error!

September 12, 2018, 10:26 am
$
0
0

Replies: 0

Updating to version 7.1.12 creates 16 (!) notices:

Notice: Undefined offset: 126 in /public_html/wp-content/plugins/wordfence/vendor/maxmind-db/reader/src/MaxMind/Db/Reader/Decoder.php on line 87

Offsets are: 126, 128, 130, 147 and 190, creating multiple notices. This makes my WP unusable in Debug Mode, as all those lines mess up the dashoard, making it impossible to see the menu.

jQuery logs into console

September 12, 2018, 10:40 am
$
0
0

Replies: 0

JQuery-migrate, that Wordfence plugin is using, writes to the console following:
JQMIGRATE: Migrate is installed, version 1.4.1

I would kindly ask you to switch to minified version that does not log that info into console, as I would strongly prefer to keep console clean for hidden marketing purposes.

It is a small thing, I know, but it would be a game-changer for me to look for another plugin. Otherwise really good work folks!

Anyone else’s site went down?

September 13, 2018, 6:41 am
$
0
0

Replies: 0

My site went down randomly when the update occurred with just a white screen on the homepage but all other internal pages were up. I noticed that two other users on this forum had their websites go down but no one knows why or can’t seem to find additional information related to this issue.

Anyone else experience this problem last night and what was the fatal error issue that occurred?

Blocked for SQL Injection

September 13, 2018, 6:51 am
$
0
0

Replies: 0

HI,

Today I receive the email, why this happened, what is the future precautions, Can you please send me some article to read about this.

This email was sent from your website “Jawaddi Taksal” by the Wordfence plugin at Thursday 13th of September 2018 at 08:51:06 AM
The Wordfence administrative URL for this site is: https://www.jawadditaksal.org/jawadditaksal/admin.php?page=Wordfence
The Wordfence Web Application Firewall has blocked 136 attacks over the last 10 minutes. Below is a sample of these recent attacks:

September 13, 2018 8:48am 5.101.40.103 (Russian Federation) Blocked for SQL Injection in query string: p=44%’ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#
September 13, 2018 8:48am 5.101.40.103 (Russian Federation) Blocked for SQL Injection in query string: p=44%’ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#
September 13, 2018 8:48am 5.101.40.103 (Russian Federation) Blocked for SQL Injection in query string: p=44%’ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#
September 13, 2018 8:48am 5.101.40.103 (Russian Federation) Blocked for SQL Injection in query string: p=44%’ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#
September 13, 2018 8:48am 5.101.40.103 (Russian Federation) Blocked for SQL Injection in query string: p=44%’ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#
September 13, 2018 8:48am 5.101.40.103 (Russian Federation) Blocked for SQL Injection in query string: p=44%’ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#
September 13, 2018 8:48am 5.101.40.103 (Russian Federation) Blocked for SQL Injection in query string: p=44%’ UNION ALL SELECT NULL,NULL,NULL,NULL#
September 13, 2018 8:48am 5.101.40.103 (Russian Federation) Blocked for SQL Injection in query string: p=44%’ UNION ALL SELECT NULL,NULL,NULL#
September 13, 2018 8:48am 5.101.40.103 (Russian Federation) Blocked for SQL Injection in query string: p=44%’ UNION ALL SELECT NULL,NULL#
September 13, 2018 8:48am 5.101.40.103 (Russian Federation) Blocked for SQL Injection in query string: p=44%’ UNION ALL SELECT NULL#

Search

Just installed and got “Error detected by Application Firewall” on all pages

September 13, 2018, 10:18 am
$
0
0

Replies: 1

I just installed Wordfence, and now if I try to access pretty much any page in my WP control panel, I get the message…

Error detected by Application Firewall. Please contact support if you have any questions.

Anyone able to help me?

Thanks

Country blocking seems not working

September 13, 2018, 10:37 pm
$
0
0

Replies: 0

We have countries that are blocked via wordfence pro but still getting traffic from those countries on google analytics. Why?

PHP message: WordPress database error Deadlock found when trying to get lock

September 14, 2018, 3:31 am
$
0
0

Replies: 0

I’m trying to fix this deadlock issue on my site without luck. I’m using WordFence and when I disable it, the error is gone. I disabled the plugin by removing it completely and reinstall it again, but the error also appear whenever I reinstall it.

Note that I have uninstalled the plugin completely as suggested by WordFence.

Anyone know what’s causing this?

Here’s the log on my server:

2018/09/14 01:13:38 [error] 21753#21753: *2868716 FastCGI sent in stderr: "PHP message: WordPress database error Deadlock found when trying to get lock; try restarting transaction for query INSERT IGNORE INTOpn_wfconfig(name,val,autoload`) VALUES (‘wfSyncGeoIP.lock’, ‘1536912818’, ‘no’) made by require(‘wp-blog-header.php’), require_once(‘wp-load.php’), require_once(‘wp-config.php’), require_once(‘wp-settings.php’), do_action(‘plugins_loaded’), WP_Hook->do_action, WP_Hook->apply_filters, wordfence::veryFirstAction, wfConfig::createLock, W3TC\DbCache_Wpdb->query, W3TC\DbCache_WpdbInjection_QueryCaching->query, W3TC\_CallUnderlying->query, W3TC\DbCache_Wpdb->query, W3TC\DbCache_WpdbInjection->query, W3TC\DbCache_Wpdb->default_query” while reading response header from upstream, client: 34.232.72.139, server: mysite.com, request: “GET /2017/09/19/sample-article/feed/ HTTP/1.1”, upstream: “fastcgi://127.0.0.1:9011”, host: “mysite.com”
2018/09/14 01:13:57 [error] 21753#21753: *2869493 FastCGI sent in stderr: "PHP message: WordPress database error Deadlock found when trying to get lock; try restarting transaction for query INSERT IGNORE INTOpn_wfconfig(name,val,autoload`) VALUES (‘wfSyncGeoIP.lock’, ‘1536912837’, ‘no’) made by require(‘wp-blog-header.php’), require_once(‘wp-load.php’), require_once(‘wp-config.php’), require_once(‘wp-settings.php’), do_action(‘plugins_loaded’), WP_Hook->do_action, WP_Hook->apply_filters, wordfence::veryFirstAction, wfConfig::createLock, W3TC\DbCache_Wpdb->query, W3TC\DbCache_WpdbInjection_QueryCaching->query, W3TC\_CallUnderlying->query, W3TC\DbCache_Wpdb->query, W3TC\DbCache_WpdbInjection->query, W3TC\DbCache_Wpdb->default_query” while reading response header from upstream, client: 54.241.188.65, server: mysite.com, request: “GET /test-article/ HTTP/1.1”, upstream: “fastcgi://127.0.0.1:9011”, host: “mysite.com”, referrer: “search.yahoo.com/”
2018/09/14 01:14:03 [error] 21753#21753: *2869668 FastCGI sent in stderr: "PHP message: WordPress database error Deadlock found when trying to get lock; try restarting transaction for query INSERT IGNORE INTOpn_wfconfig(name,val,autoload`) VALUES (‘wfSyncGeoIP.lock’, ‘1536912842’, ‘no’) made by require(‘wp-blog-header.php’), require_once(‘wp-load.php’), require_once(‘wp-config.php’), require_once(‘wp-settings.php’), do_action(‘plugins_loaded’), WP_Hook->do_action, WP_Hook->apply_filters, wordfence::veryFirstAction, wfConfig::createLock, W3TC\DbCache_Wpdb->query, W3TC\DbCache_WpdbInjection_QueryCaching->query, W3TC\_CallUnderlying->query, W3TC\DbCache_Wpdb->query, W3TC\DbCache_WpdbInjection->query, W3TC\DbCache_Wpdb->default_query” while reading response header from upstream, client: 13.56.241.76, server: mysite.com, request: “GET /2013/07/17/testing/ HTTP/1.1”, upstream: “fastcgi://127.0.0.1:9011”, host: “philnews.ph”, referrer: “android-app://com.google.android.googlequicksearchbox”
2018/09/14 01:14:03 [error] 21753#21753: *2869683 FastCGI sent in stderr: "PHP message: WordPress database error Deadlock found when trying to get lock; try restarting transaction for query INSERT IGNORE INTOpn_wfconfig(name,val,autoload`) VALUES (‘wfSyncGeoIP.lock’, ‘1536912843’, ‘no’) made by require(‘wp-blog-header.php’), require_once(‘wp-load.php’), require_once(‘wp-config.php’), require_once(‘wp-settings.php’), do_action(‘plugins_loaded’), WP_Hook->do_action, WP_Hook->apply_filters, wordfence::veryFirstAction, wfConfig::createLock, W3TC\DbCache_Wpdb->query, W3TC\DbCache_WpdbInjection_QueryCaching->query, W3TC\_CallUnderlying->query, W3TC\DbCache_Wpdb->query, W3TC\DbCache_WpdbInjection->query, W3TC\DbCache_Wpdb->default_query” while reading response header from upstream, client: 54.193.113.108, server: mysite.com, request: “GET /sample/ HTTP/1.1”, upstream: “fastcgi://127.0.0.1:9011”, host: “mysite.com”, referrer: “mysite.com/articl1/”
2018/09/14 01:15:14 [error] 21753#21753: *2871964 FastCGI sent in stderr: "PHP message: WordPress database error Deadlock found when trying to get lock; try restarting transaction for query INSERT IGNORE INTOpn_wfconfig(name,val,autoload`) VALUES (‘wfSyncGeoIP.lock’, ‘1536912914’, ‘no’) made by require_once(‘wp-load.php’), require_once(‘wp-config.php’), require_once(‘wp-settings.php’), do_action(‘plugins_loaded’), WP_Hook->do_action, WP_Hook->apply_filters, wordfence::veryFirstAction, wfConfig::createLock, W3TC\DbCache_Wpdb->query, W3TC\DbCache_WpdbInjection_QueryCaching->query, W3TC\_CallUnderlying->query, W3TC\DbCache_Wpdb->query, W3TC\DbCache_WpdbInjection->query, W3TC\DbCache_Wpdb->default_query

  • This topic was modified 5 minutes ago by jaypabs.
  • This topic was modified 3 minutes ago by jaypabs.

An error occurred while updating Wordfence

September 14, 2018, 5:06 am
$
0
0

Replies: 0

Hi,

I have checked all the other threads regarding this issue and after months of ignoring it I have to write here.

I get this error:

An error occurred while updating Wordfence Security: Could not copy file. wordfence/lib/.htaccess

Checked the permissions, 775 for folders, 664 for file.
Tried to delete this file on 1 website, without success.

Didn’t find anything on internet that would help, there is only permission issue all the time.

Any chance you are able to help?

Thanks,

Matt

Live Traffic Question

September 14, 2018, 9:14 am
$
0
0

Replies: 0

Hi, I just noticed the live traffic feature of Wordfence. It is great to see our visitors here and where they are coming from so easily. On the plugin description it says that you also show time on the website, but I am not seeing that or an option to enable it. We currently use the free version. Is that a premium feature?

Deep scan – deeper needed

September 14, 2018, 11:06 am
$
0
0

Replies: 0

I’ve managed to find and remove/repair many infected files. However, a new type of attack has emerged – now the malicious code is hidden inside image and icon files, the PHP then does only include => which is not (quite logicaly) detected by the scan.

What is needed is to add an option to scan ALL reachable files to find even the malicious code undecovered as “image” or “icon”.

Would you, please, add this as an option?

Thanks.

500 Error When Changing URL

September 14, 2018, 11:24 am
$
0
0

Replies: 0

I recently went through a frustrating issue where I had a staging url setup (client.server.com). The client secured the domain (www.client.com), point the url to my server IP and I updated the hosting settings in plesk from client.server.com to http://www.client.com and then the 500 error presented itself. I reverted back to the staging url with no issues. ping the clients domain and everything was pointing correctly.

At some point when I renamed the staging url to the client domain Wordfence produced a 500 error.

fyi the site url and home url in WordPress were set to the updated domain. That was not the issue.

Can anyone shed some light on why WordFence caused this issue?

I have used the process many times before. The only difference was these sites contained the plugin WordFence and my error logs were indicating issues related to open_basedir and wordfence

Search

How to remove malware when Bluehost deactivated account?

September 14, 2018, 2:54 pm
$
0
0

Replies: 1

Hi,

I have four sites on my Bluehost account, and last night, I was alerted that artmassagepdx.com was down, and it has not come back up since. I have Wordfence on all four, but I cannot access the admin dashboards. I really need to get the stevekleier.com site back up, immediately, the others not so urgent. I don’t want to engage Sitelock, or pay for this at all…isn’t there a way to determine the bad code, go into the File Manager, delete, and then tell BH to check for malware again? What is the likelihood that other sites have been infected, or how do I deal with that?

Thanks,
Steve

PHP notices

September 15, 2018, 7:44 am
$
0
0

Replies: 0

Hi,
I just updated to Wordfence Version: 7.1.12 and received 2 notices:

Notice: Undefined offset: 126 in /wp-content/plugins/wordfence/vendor/maxmind-db/reader/src/MaxMind/Db/Reader/Decoder.php on line 87
Notice: Undefined offset: 134 in /wp-content/plugins/wordfence/vendor/maxmind-db/reader/src/MaxMind/Db/Reader/Decoder.php on line 87

Any ideas why?
I am running WordPress 4.9.8 and PHP Version 7.1.21 on the server

IP Whitelist feature request

September 15, 2018, 11:37 am
$
0
0

Replies: 0

I frequently need to add a number of IP addresses to whitelist on my clients’ sites.

It would be a fantastic feature to be able to label the IP addresses with a description fields so that it’s readily apparent what that IP address is there for.

Once you have a number of IP addresses in the whitelist, it’s difficult to keep track of who’s who!

Block Bots from Comments

September 16, 2018, 10:24 am
$
0
0

Replies: 0

Hi, I’m wondering if the Wordfence has an option to set to block known bots from the comments*.php? I have the spam comment option enabled in the settings, but there are several bots commenting everyday.

‘Username created outside WordPress

September 16, 2018, 11:27 am
$
0
0

Replies: 0

I’ve just received the following email from WordFence – “An admin user with the username badminton was created outside of WordPress. It’s possible a plugin could have created the account, but if you do not recognize the user, we suggest you remove it.”
It also says this was done in Warsaw, Poland.
I know nothing about this and when I look at the list of users on my Dashboard there’s certainly no new name. When I try to delete, a message pops up saying ‘We could not find that user on the database – Reload’ When I click on Reload it simply takes me back to the Scan page detailing the creation of the username.
I really don’t know how to deal with this.

Viewing all 33169 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>