Replies: 0
Is it good idea to enter xmlrpc.php in Wordfence field “Immediately block IPs that access these URLs”? Maybe this could block unnecessary logins. But does it prevent normal plugin updates etc?
↧
xmlrpc.php
↧
Translate string
Replies: 0
Hi,
Can you please help us solve our difficulty?
I can’t translate a string that is apparently part of the wordfence plugin – At least it is the information we have from the company that provided us with the theme of our site:
https://xtemos.com/forums/topic/translate-labels/
The string we need to translate (for PT) is:
ERROR: The username or password you entered is incorrect. Lost your password?
I will be very grateful for your help!
Best regards
↧
↧
Whitelisting WooCommerce Payment Gateways
Replies: 0
Hi,
I’m experiencing issues with amazon pay, sometimes paypal, sometimes klarna payment gateways while having extended protection enabled in the firewall settings. The users cannot complete their purchase and get stuck (amazon pay), redirected to cart (klarna) or get a message to retry (paypal).
PayPal almost always works after clicking again.
Amazon Pay never works.
Klarna sometimes has no problem, but when it has a problem, it’s redirecting to cart and after that stuck there.
When the firewall is in learning mode and I’m doing test transactions nothing gets recorded.
The error displayed by amazon pay is:
Error: cURL error 60: Peer’s certificate issuer has been marked as not trusted by the user.
ssllabs.com does not display any issues with my certificate.
Gateway list:
klarna-checkout-for-woocommerce
woocommerce-gateway-amazon-payments-advanced
woo-paypalplus
How can I whitelist these three plugins or the checkout entirely?
Disabling Wordfence resolves the problem.
Thank you,
Chris
↧
Not possible to optimize Wordfence and connectivity error
Replies: 0
I added Wordfence plugin a couple of days ago.
When I try to optimize Wordfence by clicking on “Click here to configure” button, nothing happens, just a white pop up shows up.
In diagnostics tab for connectivity an error related to “Connecting back to this site” appears as follows: wp_remote_post() test back to this server failed! Response was: 403 Forbidden.
Can anybody tell if these 2 issues are interrelated and how to solve them?
Thanks in advance!
↧
Where did search and white-listing go?
Replies: 0
Always loved WordFence – best security plugin.
The latest versions however make are becoming increasingly difficult to navigate.
I am especially missing the search option.
The first thing that I usually set up when installing WF is white-listing my IP and I bet other admins do the same.
Where in the world did it go?
Thanks
↧
↧
Cant Sign In
Replies: 0
Hello I can’t login, it first said that I had an invalid recaptcha key but I couldn’t change it cause I couldn’t log in and I tried editing the file directly and now it says “Parse error: syntax error, unexpected ‘site key’ (T_STRING), expecting ‘)’ in /var/www/html/wp-content/plugins/wordfence/modules/login-security/classes/controller/captcha.php on line 30.
↧
configure wap
Replies: 0
9/11
I have one site in a folder under my main site that says the firewall is being run from another site. How to fix this is totally obtuse in the directions. This site is the only one in a subfolder that I have problems with wordfence wap.
So how do I fix this issue?
↧
Wrong result on Scan
Replies: 0
Hello,
When doing a site scan i notice Wordfence returns a notice regarding a modified file on WP Hide & Security Enhancer plugin:
The returned file /router/environment.php contain a JSON data with some of the site variables like path and re-mapped theme slug. Obviously this is always changing depending on user set-up and server.
Is there any way to prevent this showing up as warning in the scan? Maybe there’s a programmable filter or something similar which i can use? Or possible you can update that for the next plugin version?
Thanks
↧
Sniffing usernames – now possibile?
Replies: 0
Dear staff,
I noticed that in the last months some “blocked user logging in” email I receive, tells me that the last username that they tried to use is a real username I have into users on that websites.
Usually, so far, they try common names (that I don’t use as usernames) so they are instantly blocked cause the username does not exist.
But in the last period I can see they try with real usernames, in this case they have more chances to force the login instead of being suddenly blocked.
How they do? and why now? is there something you can improve to avoid this kinda sniffing of usernames?
Thank you
↧
↧
Email Verification with custom login page
Replies: 0
When using custom login page on wordpress site, the email verification email i “always” sent (it should redirect to admin panel instead to ask for verification). When using wp-login.php it does not ask for verification. If this can be fixed, otherwise this function is not usable on my site.
↧
Temporary disable all blocks & User Names
Replies: 0
Two questions:
1) I currently have tons of blocks in WordFence. How can I temporarily disable all blocks so an off shore developer can access my WordPress site?
2) The option to lockout invalid usernames is enabled on my site, but when an invalid username gets logged in the blocking page as blocked due to invalid user name, that name is never added to the list of blocked user names on the All Options page.
Thank for your help.
↧
Wordfence installation is incomplete
Replies: 0
On a multisite install, I keep getting a “Wordfence installation is incomplete” message in an endless loop. After adding the notification email, agreeing to terms, it asks for premium license, I click on “No Thanks” and it returns me to the Wordfence Central page with the same incomplete message. I read on another thread that it is because the notification email address isn’t written to the template, but no solution was given to fix. See https://wordpress.org/support/topic/wf-central-keep-finding-wordfence-installation-is-incomplete/.
↧
Login Security reCaptcha v3
Replies: 0
I have reCaptcha set in Wordfence login security with v3 credentials.
Every time I try to log in as administrator (or anyone) via the Woocommerce my-account page, I get a popup saying I have to verify via emailed link, then log in. Always with same browser and IP. The reCaptcha logo does not show there.
On the WordPress login page, the logo does show, and it does NOT make me verify. We don’t normally use the WordPress login page.
I know the login security in the my-account page is via Wordfence, because when I turn that setting off, it doesn’t require verification.
Why is the my-account login behaving much more strictly than the WordPress login, and can I get it to relax?
- This topic was modified 6 minutes ago by Jim.
↧
↧
Admin Login Notification
Replies: 2
If a subscriber (Abonent) logs in, I get an email notification that an admin logs in. I can’tfind the error. I enabled notofocation for admin and users, but email doesn’t come at every login.
Can anyone help me? Maybe someone knows about this problem.
Regards,
Uwe (Merlin)
↧
Locked out
Replies: 0
Hello, i tried to access your site to renew my license but i put wrong password and now i’m locked out. Can you please help? Account is ScuolaPitagora.
Thanks
↧
Wordfence is including a file from my dev site
Replies: 0
Hello. My WordPress dashboard is displaying a Wordfence message:
>> To make your site as secure as possible, take a moment to optimize the Wordfence Web Application Firewall:
When I click to configure, it displays this message:
To make your site as secure as possible, the Wordfence Web Application Firewall is designed to run via a PHP setting called auto_prepend_file, which ensures it runs before any potentially vulnerable code runs. This PHP setting is currently in use, and is including this file:
/var/www/html/kabult/kabultec.org/dev/wordfence-waf.php(screenshots)
But the path of that file is a path to my dev site, which is on https://kabultec.org/dev/. My dev site also has Wordfence installed and activated. Why is Wordfence on my live site trying to include a file from Wordfence on my dev site? And how can I resolve this issue?
Thanks.
- This topic was modified 53 minutes ago by cag8f.
↧
Unable to use Ninja Forms when Wordfence Activated
Replies: 1
Hello,
We were using Ninja Forms and then I added wordfence plugin. Then we found out that the submit button would just stick on “Processing”. We had Bluehost take a look and they said it was related to Wordfence. Once we deactivated it, then the form worked. But we’d like to still use Wordfence.
Below is the error that was coming up when we had both activated. Any ideas? I read something on a another thread about putting wordfence in learning mode – but not sure if that’s a fix for this. *Note that the form did have an option for uploading something (and it was required). Thanks!
—-
JQMIGRATE: Migrate is installed, version 1.4.1
/wp-admin/admin-ajax.php:1 Failed to load resource: the server responded with a status of 403 (Forbidden)
front-end.js?ver=3.4.18:3 ERRORS: Forbidden
front-end.js?ver=3.4.18:1 Uncaught TypeError: Cannot read property ‘nonce’ of undefined
at N.d.submitErrors (front-end.js?ver=3.4.18:1)
at s (backbone.min.js?ver=1.2.3:1)
at r (backbone.min.js?ver=1.2.3:1)
at m (backbone.min.js?ver=1.2.3:1)
at u.Channel.k.trigger (backbone.min.js?ver=1.2.3:1)
at Object.error (front-end.js?ver=3.4.18:3)
at i (jquery.js?ver=1.12.4-wp:2)
at Object.fireWith [as rejectWith] (jquery.js?ver=1.12.4-wp:2)
at x (jquery.js?ver=1.12.4-wp:4)
at XMLHttpRequest.c (jquery.js?ver=1.12.4-wp:4)
↧
↧
Country blocking not working
Replies: 0
Hi,
I recently went in to update the list of countries I was using Wordfence to block, and I found confuses me. I no longer see the list of countries I had previously blocked, and when I select one or more countries from the available list, the “Block the Selected Countries” doesn’t work – there’s simply no response from it.
Does anyone have any insight as to what may have happened?
Thanks
Marcus
↧
Wordfence alternative pages
Replies: 0
Hi guys,
I was looking at my Google search console of a blog I created and noticed that more than 37.000 pages (alternative pages with proper canonical tag) were generated. The last scanning of Google Search Console was last 9th of September. If I open the robot.txt I get this:
“User-agent: *
Disallow: /wp-admin/
Allow: /wp-admin/admin-ajax.php”
I already found a post here talking about this problem and it was because of the “live traffic options” enabled but the point is that I unistalled Wordfence a long time ago and!
Someone can tell me how do I get rid of this mistakes all at once? Thank you.
↧
Firewall Hindering Page Updates
Replies: 0
Sometimes when we try to update a page, we get an error. Disabling WordFence allows us to publish an update, then we reactivate the plugin. Can you help us understand why and correct this / keep this from happening? Here is what the warning says:
YOUR SAVE HAS FAILED
An error has occurred while saving your page. Various problems can cause a save to fail, such as a lack of server resources, firewall blockages, plugin conflicts or server misconfiguration. You can try saving again by clicking Try Again, or you can download a backup of your unsaved page by clicking Download Backup. Backups can be restored using the portability system while next editing your page.
↧
