Quantcast
Channel: WordPress.org Forums » [Wordfence Security - Firewall, Malware Scan, and Login Security] Support
Viewing all 33351 articles
Browse latest View live

Scan Failed while Clouflare is enabled on the site

November 2, 2019, 10:22 am
$
0
0

Replies: 0

Hi,

Wordfence cannot start new scan and it gives me this error: “Scan Failed: The scan has failed to start. This is often because the site either cannot make outbound requests or is blocked from connecting to itself.”

I’ve deactivated all plugins except Wordfence and reverted to a default theme, and the only thing that fixed the issue was to disable Cloudflare on the site, deactivate and then re-activate Wordfence. When I enable Cloudflare, the error appears again.

My hosting provider is EasyWP by Namecheap, I contacted them about this and they said the database is working fine and that they checked everything except global blocks. I’ve also sent you a Diagnostics report by email to review.

Let me know if you need anything else to help me fix this.

Search

Scanning persists to fail though everything in Diagnostic tab is green i.e OK

November 2, 2019, 3:37 pm
$
0
0

Replies: 0

Scanning persists to fail though everything in Diagnostic tab is green that is everything is okay.
Sent all the data from it to your test email with the same username as it is here.
Read the troubleshooting guide carefully and your servers are not blocked but whitelisted in Cloudflare , your database tables are intact ,etc.
What’s the problem then?
Could you guide me, please?
I know you are overwhelmed but would be glad if I receive even a single word as an answer.
Thanks in advance!

  • This topic was modified 3 hours, 3 minutes ago by jimmy19742.

unable to login using the correct password

November 2, 2019, 5:11 pm
$
0
0

Replies: 0

i am unable to login using the correct password after install the plugin, alway said incorrect password

Rules Update Failure

November 2, 2019, 11:36 pm
$
0
0

Replies: 0

Hi,

One of my sites is not able to update, neither automatically nor manually, the rules update. I receive the following message:

“The last rules update for the Wordfence Web Application Firewall was unsuccessful. The last successful update check was 21. October 2019 13:30, so this site may be missing new rules added since then. You may wait for the next automatic attempt at 4. November 2019 12:30 or try to Manually Update by clicking the “Manually Refresh Rules” button below the Rules list.”

Any help? Thank you 🙂

PS: I use v7.4.0

  • This topic was modified 10 minutes ago by per4mance. Reason: added plugin version

Bots attacking WooCommerce Cart

November 3, 2019, 5:08 am
$
0
0

Replies: 0

I’m am pretty sure that bots are attacking my Woocommerce site and leaving hundreds of items abandoned in the cart. However, upon checking my “Live traffic”, I am not seeing any gray dots, none! Does WF have anything else in place to detect these bots? Thank you.

Wordfence failed to detect malware

November 3, 2019, 7:22 am

Failure to add sites to WordFence Central

November 3, 2019, 11:42 pm
$
0
0

Replies: 0

Hi Everyone, I have previously met with an issue installing the Plugins for WordFence as it has pop up numerous times regarding the incomplete installation. Hence, I did tried adding site via the WordFence Central. Whenever I tried, it states that “Unable to Resolve Domain Directs”.

Any Advise as I am really new to the wordpress and coding world.

Thanks in Advance!!!

wp-login.php page loaded over and over

November 4, 2019, 7:54 am
$
0
0

Replies: 0

I have about 30 wordpress sites on a very large server with plenty of space. 99% of the time the server functions fine.

My WF logs on all the sites show that wp-login.php is loaded by various IPs throughout the day. However username/pws are rarely entered. It seems the bots load the page, switch IPs over and over throughout all websites, thus crashing the server. I have to call hosting and they re-boot the server. He says the wp-login.php page loading attempts are what crash it.

I have the WF firewall enabled and very strict setting on each site throttling/blocking between 15-60 attempts for each setting.

Is there anything else I should set to help this issue? Thanks

Search

WordPress database error Commands out of sync;

November 4, 2019, 9:52 am
$
0
0

Replies: 0

Hi All, what could be the possible cause of the following ‘WordPress database error Commands out of sync; you can’t run this command now for query SELECT *, CASE’ error in our error log?

[04-Nov-2019 15:43:32 UTC] WordPress database error Commands out of sync; you can’t run this command now for query SELECT *, CASE
WHEN type = 3 THEN 0
WHEN type = 4 THEN 1
WHEN type = 7 THEN 2
WHEN type = 6 THEN 3
WHEN type = 5 THEN 4
WHEN type = 9 THEN 5
WHEN type = 8 THEN 6
WHEN type = 2 THEN 7
WHEN type = 1 THEN 8
ELSE 9999
END AS typeSort, CASE
WHEN type = 3 THEN parameters
WHEN type = 4 THEN parameters
WHEN type = 1 THEN IP
WHEN type = 9 THEN IP
WHEN type = 5 THEN IP
WHEN type = 6 THEN IP
WHEN type = 7 THEN IP
WHEN type = 2 THEN IP
WHEN type = 8 THEN IP
ELSE 9999
END AS detailSort
FROM wp_wfblocks7 WHERE type IN (1, 8, 9, 2, 5, 6) AND (expiration = 0 OR expiration > UNIX_TIMESTAMP()) ORDER BY typeSort ASC, id DESC made by wfWAFIPBlocksController::synchronizeConfigSettings, wfBlock::ipBlocks, wfBlock::allBlocks
[04-Nov-2019 15:43:32 UTC] WordPress database error Commands out of sync; you can’t run this command now for query SELECT *, CASE
WHEN type = 3 THEN 0
WHEN type = 4 THEN 1
WHEN type = 7 THEN 2
WHEN type = 6 THEN 3
WHEN type = 5 THEN 4
WHEN type = 9 THEN 5
WHEN type = 8 THEN 6
WHEN type = 2 THEN 7
WHEN type = 1 THEN 8
ELSE 9999
END AS typeSort, CASE
WHEN type = 3 THEN parameters
WHEN type = 4 THEN parameters
WHEN type = 1 THEN IP
WHEN type = 9 THEN IP
WHEN type = 5 THEN IP
WHEN type = 6 THEN IP
WHEN type = 7 THEN IP
WHEN type = 2 THEN IP
WHEN type = 8 THEN IP
ELSE 9999
END AS detailSort
FROM wp_wfblocks7 WHERE type IN (7) AND (expiration = 0 OR expiration > UNIX_TIMESTAMP()) ORDER BY typeSort ASC, id DESC made by wfWAFIPBlocksController::synchronizeConfigSettings, wfBlock::lockouts, wfBlock::allBlocks

Thanks
Matt

VPN forced logout

November 4, 2019, 11:26 am
$
0
0

Replies: 0

Hi!
My client has someone working on his website who uses a public VPN, so this means that his IP address periodically changes, even while logged in.

When he is working on the site, he periodically gets logged out and has to log back in. If Wordfence is deactivated, the problem goes away. I’m figuring that Wordfence must tie the user session to an IP address and when that IP address changes, the user gets logged out.

Is there a way around this? Whitelist by username maybe?

Any help would be most appreciated!

Brazil IPs blocked but I don’t have Country Blocking enabled

November 4, 2019, 12:27 pm
$
0
0

Replies: 1

A client in Brazil cannot load my site. fmobserver.com

I do not have his IP blocked nor am I subscribed to Country Blocking.

177.158.83.127

Could there be some legacy country blocking going on?

2FA for only certain admins?

November 4, 2019, 9:59 pm
$
0
0

Replies: 0

Hello. I see that Wordfence can enforce 2FA for all admin users. Is there a way to enforce 2FA for only certain admins? Or to lift the 2FA requirement for certain users?

Thanks.

add my custom login page in whitelist urls

November 5, 2019, 1:49 am
$
0
0

Replies: 0

Hi

I have a plugin to manage users, login, logout and register pages.
I think I should add my page in whitelist URLs.
I don’t know what should I write in “param name” and “param type” textboxs.

Weird issue with the firewall

November 5, 2019, 2:43 am
$
0
0

Replies: 0

I recently moved server and installed Wordfence on a WP multisite virgin wordpress install.

The plugin works fine (I’ve used it on single sites before)… until I try to enable the firewall, and then my .htaccess file keeps being emptied (like, all the content is gone, it’s completely blank) or even just completely deleted. Obviously this breaks the site. Fixing it is easy enough (I keep a spare copy), but it keeps happening, on average once a day. This is very annoying.

If I disable the firewall it stops. But. No firewall.

I’m tired of this.

I have the following questions:

1. Have you heard of this happening, and by remote chance, is there an easy fix or could I be doing something dumb?
2. Do you know of firewall plugins that I can try in conjunction with Wordfence that are not going to clash horribly with it and if so, what options would I need to turn off in Wordfence?

Wordfence LiveTraffic shows no more than 5 days of traffic

November 5, 2019, 3:23 am
$
0
0

Replies: 0

Hello,

My version number : 7.4.0

Since the beginning I use Wordfence, I did’nt change rules. Since few days, in LiveTraffic, I only see traffic of few days. For example, we are the 5th of november and I see traffic until the 31 of october. That’s all.

Another strange thing, When I select “Humans”, now I see some “Warning” in the list.

What is the problem ?
Thanks for your help.

Search

Need to block blackhole of IANA

November 5, 2019, 3:58 pm
$
0
0

Replies: 0

Would it be possible to block the blackholes of the IANA?

IANA explains that these blackholes are not used and that we should not see them on our logs as explained on this page https://www.iana.org/help/abuse-answers
This is not the case .. this address launches crons and others all day ..

172.18.79.80 – – [05/Nov/2019:23:19:04 +0000] (1 s) “POST /wp-admin/admin-ajax.php?action=wp_wpcp_automatic_campaign&nonce=787fbdd2d8 HTTP/1.1” 200 – “https://mydomain.com/wp-admin/admin-ajax.php?action=wp_wpcp_automatic_campaign&nonce=787fbdd2d8” “WordPress/5.2.4; https://mydomain.com
ouilibre.com 172.18.79.80 – – [05/Nov/2019:23:19:22 +0000] (0 s) “POST /wp-cron.php?doing_wp_cron=1572995962.4410369396209716796875 HTTP/1.1” 200 – “https://mydomain.com/wp-cron.php?doing_wp_cron=1572995962.4410369396209716796875” “WordPress/5.2.4; https://mydomain.com
and that more than 6000 times in a month… :/

A mix of InnoDB and MyISAM tables?

November 5, 2019, 5:48 pm
$
0
0

Replies: 0

Hi All,

Was going through my databases to try and see what databases/tables are still using the old crusty MyISAM type, and to my surprise I found Wordfence is a culprit.. However it appears to be a mix of InnoDB and MyISAM in this case…

Eg:

wp_wfBlocks7.MYD
wp_wfBlocks7.MYI
wp_wfFileChanges.MYD
wp_wfFileChanges.MYI
wp_wfLiveTrafficHuman.MYD
wp_wfLiveTrafficHuman.MYI
wp_wfNotifications.MYD
wp_wfNotifications.MYI
wp_wfPendingIssues.MYD
wp_wfPendingIssues.MYI
wp_wfTrafficRates.MYD
wp_wfTrafficRates.MYI

Why the mix???

A.

  • This topic was modified 54 minutes ago by ohhok.

ReCaptcha unable to activate in WordFence dashboard

November 5, 2019, 6:49 pm
$
0
0

Replies: 0

I have installed the Wordfence plugin on 2 different sites and am not setting up reCaptcha.

One 1 site I managed to setup reCaptcha easily. On the second site however I am unable to tick the reCaptcha box.

“Enable reCAPTCHA on the login and user registration pages”

The tick box just stays white and I cannot change it to blue. Seems the tick box is not working for some reason.

Another “un-clickable” tickbox is for “Grace period to require 2FA” (not vital for me but same issue).

Do I need to re-install the plugin?

Scan Failed (IP block itself)

November 5, 2019, 10:01 pm
$
0
0

Replies: 0

Hi,

See attached screenshot.

I am facing issue since last one week. I can not scan myself. I try all suggested ways like Try starting scans remotely. But still not solve this issue.

As I understand this issue, my server IP blocked by Wordfence. So how can I unblock any IP which is blocked by Wordfence? So I am navigate to Firewall > Blocking tab, but here no any IP exist https://ibb.co/4P0DC70

Any solution for this issue.

Thank you

  • This topic was modified 3 minutes ago by Jay Patel. Reason: URL update
  • This topic was modified 21 seconds ago by Jay Patel. Reason: grammer update

Clarification about “green” symbol in Live Traffic

November 6, 2019, 1:00 am
$
0
0

Replies: 0

In the Live Traffic report I noticed the following entry about someone accessing a page:
“site-name/wp-content/themes/MichaelCanthony/download.php?file=../../../wp-config.php”
Now, the link should lead nowhere (no such theme) but what confused me was that the icon was green (as opposed to red = blocked or yellow = warning). The list says green should only mean a human accessed the page but to me it seems as if the color green equals success. When I log in to the site, I also appear as a green human. How should I interpret the attempt? Was this a successful attempt (in some strange way) to access the wp-config file?

Viewing all 33351 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>