Replies: 1
Scans do not run.
In the Scan section of Wordfence I get the error message in the activity log: “Scan stop request received.”
And above that in a yellow bar:
“Scan Failed
The scan has failed to start. This is often because the site either cannot make outbound requests or is blocked from connecting to itself. Click here for steps you can try (https://www.wordfence.com/help/?query=scan-failed-start).”
I have tried all the available suggestions but do not see any way to fix this.
Replies: 0
When a new user tried to create an account this is the error that they get.
Error: REGISTRATION ATTEMPT BLOCKED:
This site requires a security token created when the page loads for all registration attempts. please ensure JavaScript is enabled and try again.
I have tried looking up the solution to this problem and have found that I should click off the Enable Login Security. I cannot find that option.
Replies: 0
Does WordFence block any SQL query it detects? I’ve been able to trigger a 403 using this href, /wp-admin/admin-ajax.php?test=UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL# (it doesn’t actually do anything. try it on a site with WordFence installed).
The reason I’m asking is because I received an email telling me WordFence has blocked 130 SQL Injection attacks. But I’m pretty sure they’re all false positives.
Replies: 1
Hi,
I installed Wordfence free version on my website with basic setup of fields as I’m not very high in security components.
It worked well , but today when I wanted to edit two pages to modify them, I discovered that I got a SERVER ERROR 403 when the update button was clicked on ELEMENTOR PRO editor.
Then I remember these pages have never been edited after Wordfence installation and I deactivate the plugin.
Very strange , my pages were immediatly be able to be updated.
I don’t understand what the plugin did, because I’m logged always on the same workstation, with the same ID.
I hope it will help if you get this error when saving a page, before going to check complicated things like htaccess corruption or others, just try to deactivate Wordfence
Replies: 0
Been happening since shortly after upgrading to the premium plugin, cannot run scan or errors when updating the Firewall Rules. This is an excerpt from the log:
[Feb 28 20:32:07:1582921927.736743:2:error] Scan terminated with error: The Wordfence scanning servers are currently unavailable. This may be for maintenance or a temporary outage. If this still occurs in an hour, please contact support. [404]
Removed and Deleted all content in the wflogs folder, checked all the DB’s, no problems there.
Replies: 1
While using WP CLI I am getting these warnings when running commands. We are using WP v5.3.2, WordFence v7.4.6, and WP CLI v2.4.0 on WPEngine servers.
PHP Warning: fopen(/wp-content/wflogs/rules.php): failed to open stream: No such file or directory in /wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/lib/waf.php on line 325
Warning: fopen(s/wp-content/wflogs/rules.php): failed to open stream: No such file or directory in /wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/lib/waf.php on line 325
PHP Warning: flock() expects parameter 1 to be resource, bool given in /wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/lib/waf.php on line 326
Warning: flock() expects parameter 1 to be resource, bool given in /wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/lib/waf.php on line 326
PHP Warning: include(/wp-content/wflogs/rules.php): failed to open stream: No such file or directory in /wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/lib/waf.php on line 328
Warning: include(/wp-content/wflogs/rules.php): failed to open stream: No such file or directory in /wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/lib/waf.php on line 328
PHP Warning: include(): Failed opening '/wp-content/wflogs/rules.php' for inclusion (include_path='.:/usr/share/php') in /wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/lib/waf.php on line 328
Warning: include(): Failed opening '/wp-content/wflogs/rules.php' for inclusion (include_path='.:/usr/share/php') in /wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/lib/waf.php on line 328
PHP Warning: flock() expects parameter 1 to be resource, bool given in /wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/lib/waf.php on line 329
Warning: flock() expects parameter 1 to be resource, bool given in /wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/lib/waf.php on line 329
PHP Warning: fclose() expects parameter 1 to be resource, bool given in /wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/lib/waf.php on line 330
Warning: fclose() expects parameter 1 to be resource, bool given in /wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/lib/waf.php on line 330Replies: 0
Hey,
i installed wordfence a few month ago and now want to set the name of the sql tables back to normal – at the moment there is a prefix i think generated by wordfence.
how can i make this undo?
best
Replies: 0
Yeahhh… about to trash this plugin.
Can’t turn off 2FA for admins.
“Allow remembering device for 30 days” sounds good so I don’t have to do the 2FA dance with every login. Not sure how this works, but I’m never remembered.
“Whitelisted IP addresses that bypass 2FA”: great idea. I whitelisted all the IPs in my ISP’s usual range. Got 2FA’ed again today and my IP has not changed. I’m smack dab in the middle of the range: xx.90.218.[0-255] (where xx is a two digit number). It’s on a line by itself. Just like the examples provided in the backend.
That’s two basic bugs in this security plugin.
I like your competitor, All in One Security. It works. Buggy security software makes my skin crawl.
Replies: 0
Scan does not complete correctly.
I reviewed the method on this page and changed some settings. However, it cannot be solved. Please help someone.
https://www.wordfence.com/help/scan/troubleshooting/
Sorry,I forgot to reply.
Pls check htaccess,thanks.
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</IfModule>
<IfModule mod_headers.c>
<FilesMatch “.(js|css|xml|gz|html)$”>
Header append Vary: Accept-Encoding
</FilesMatch>
</IfModule>
#RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
#RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
#RewriteEngine On
#RewriteCond %{SERVER_PORT} 80
#RewriteRule ^(.*)$ https://gxomens.com/$1 [R=301,L]
#RewriteRule ^(.*)$ https://blog.gxomens.com/$1 [R=301,L]
#RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
#RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
#RewriteEngine On
#RewriteCond %{HTTP_HOST} ^blog.gxomens.com [NC]
#RewriteCond %{SERVER_PORT} 80
#RewriteRule ^(.*)$ https://blog.gxomens.com/$1 [R=301,L]
# Support
SetEnvIf Request_URI “.*” Ngx_Cache_NoCacheMode=off
SetEnvIf Request_URI “.*” Ngx_Cache_AllCacheMode
SetEnvIf Remote_Addr ^92\.203\.2\.204$ AllowCountry
SetEnvIf Remote_Addr ^92\.203\.2\.230$ AllowCountry
SetEnvIf Request_URI “.*” AllowRestApi
SetEnvIf Request_URI “.*” AllowCountry
SetEnvIf Request_URI “.*” AllowXmlrpc
SetEnvIf Request_URI “.*” AllowCountry
SetEnvIf Request_URI “.*” AllowRestApi
Thanks
Replies: 0
Hello,
This is my second post about this topic (original post here). I apologize for posting twice, but I did not receive a follow up response to the previous post after sending my diagnostic email several times. Here is my problem:
For the last couple of months I have been getting the following error on my site: “Unable to accurately detect IPs.” This has caused the admin users on the site to be locked out repeatedly. I have tried all of the recommendations made in your documentation and in other support threads on this forum to resolve the issue. Nothing has worked. Following are my troubleshooting steps. I ran a new scan after each step and nothing changed.
~ Tried each option under “How does Wordfence get IPs”
~ Cleared server cache
~ Checked my .htaccess file for any oddities or redirects. Nothing there except the standard WordPress rules.
~ Made a duplicate staging site on the same hosting account and server. It also gets this error.
~ Enabled the Twenty Twenty theme and disabled all plugins except WordFence.
~ Deleted WordFence and all its data, then re-installed and left the default settings.
~ Contacted my web host (Siteground). They checked my server configuration and error logs and found no problems that would cause this issue.
~ I do not have any trusted proxies listed.
After all of this I am still getting the error on my live and staging sites. I cannot think of anything else to do. Can you help me troubleshoot?
I just sent another diagnostic email to wftest@wordfence.com.
Thanks for help!
Replies: 0
Please Support 2FA on WooCommerce front end login screen for customers in my account.
It’s really needed.
Replies: 0
My last Wordfence scan shows 12,620 issues!! (high priority), most of them are to do with image (.png, .jpg) and video (.mp4) files on my site – all of which I have uploaded myself and I need to have them on my site.
Why is this happening? I can try and “ignore” them but to go through thousands of files would take me a long long time.
Are these issues significant in any way?
Replies: 0
G’day,
I just installed WordFence Security on a website and at the top of the plug-in page I get the message:
The plugin Wordfence Security may cause issues with MyWork WP. Click here for instructions on how to resolve this issue
The hyperlink is https://myworkwp.com/support-center/troubleshooting/incorrect-version-numbers-false-positives/ however when I click on the link I get the message in my browser:
This site can’t be reached myworkwp.com’s server IP address could not be found.
A whois lookup reveals the domain is available for purchase. What’s more when I go to the Wayback Machine myworkwp.com doesn’t exist, it seems it’s never existed.
What’s up with the warning message from WordFence??
Cheers,
Karl
Replies: 0
Hello Wordfence,
I followed the instruction of setup wizard and did the ‘Optimize the Wordfence Firewall’ option and it returned the process was successful. but eh n I hover over the firewall in dashboard still suggests that firewall still needs optimization.
https://imgur.com/a/VxUDGUO
I’m not sure what causes this issue.
I’m using Litespeed btw.
Regards
Replies: 0
Goodmornig,
we have an issue with a webstite our costumer wanted to visit the got the 403forbidden,
we have contacted the website, the said that the ip-adresses have been put an a blacklist.
we have contacted the isp and the siad that there server have been put on the blacklist.
i have a list of ip-adresses that we would like to have unbanned.
i won’t post them for saftey reasons.
should the ISP contact you ?
or which steps do we have to take to get the ip’s unbanned?
Replies: 0
I keep having these warnings. Could you fix this please? Thank you.
PHP Warning: array_key_exists() expects parameter 2 to be array, null given in /var/www/vhosts/xxx.com/xxx.com/wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/lib/waf.php on line 1989
Regards,
Max
Replies: 0
Same issue as this one:
https://wordpress.org/support/topic/your-two-factor-authentication-doesnt-work-at-all/
I am on Mac OSX, so there’s no “anti virus” conflict. All my extensions are disabled on this self-hosted WP admin page: Ghostery, AdBlock Plus. I have also tried it in Incognito mode, and across various browsers: Safari, Chrome, Firefox.
I cannot login to WordPress, so cannot show what the Wordfence debug console shows.
Please help. What kind of idiotic dysfunctional stuff is this?
Replies: 0
Hi there,
I’ve used Wordfence on other sites and love it but am having issues with a current build and have been locked out of wp-admin four times in three days.
I’m building the site with Thrive Themes and have never had an issue with it before.
I’ve deactivated and deleted any superfluous plugins and have whitelisted my IP but still no luck.
Is there is any requirement missing or anything else that could be causing the site to be blocked from your end? According to my hosting provider when they check the IP address at their end it does not show any blacklist issues.
Do you need the web directory to be the same as the domain name?
Replies: 0
Today, I’ve had two – update, now three – of my sites report an issue with Backup Buddy not being able to complete its tasked full backups. Looking at the logs, it’s having issues with the Wordfence database tables, specifically…
Error #857835: Unable to get table creation SQL for tablewp_wfhoover`. Result:
1. Verify that it exists and mysql permissions allow this. If you manually included this as an additional table, make sure it is the correct table name.`
iThemes does not have any information on that error number.
The only way I got Backup Buddy to run properly was to deactivate, uninstall and then use Wordfence Assistant and drop the database tables. Then it ran. Then I reinstalled Wordfence, set it up and tried to run Backup Buddy again and it ran.
Then a couple hours later I have a second site with the same issue. Neither have been able to backup anything in the last three days.
Any ideas here?
Additional information. In both cases, when I log into phpMyAdmin, and take a look at the wp_wfhoover database, it. shown as “in use.” Never seen that before. Screenshot here – https://pasteboard.co/IXhErEl.jpg
When I had Backup Buddy SKIP that particular table, the process ran, but it did seem to kick back an error during the process but I think the backup did complete.
Here was the reply from iThemes Support when I asked them about the issue:
Mar 2, 15:13 CST
Hi Steve,
I’m seeing the following from that log:
14:59:21.50 64.28sec 26.62MB Error #857835: Unable to get table creation SQL for tablewp_wfhoover. Result: 1 . Verify that it exists and mysql permissions allow this. If you manually included this as an additional table, make sure it is the correct table name.
And as you mentioned, it seems to be for a Wordfence database table:
wp_wfhooverThis indicates that BackupBuddy asked the database server for the sql statement(s) that would create the table in a new database but the database server was unable to return those details for some reason. This could indicate some corruption in the database for example, but unfortunately, we don’t have any additional information in this case, sorry.
You can refer to your host support who will be able to investigate the database problem on their server with much more detail than either you or we can and should be able to resolve the problem for you. Ultimately you may need to refer to the developers of the associated plugin for advice on how to recover.
Though others have issues with Wordfence database tables in the past:
http://www.webhostingtalk.com/showthread.php?t=1443660
https://wordpress.org/support/topic/crashed-wordfence-database-tables-keeping-backups-from-running/
https://wordpress.org/support/topic/table-details-warning-with-wordfence-installed/
https://wordpress.org/support/topic/table-wp_wfhits-is-marked-as-crashed-and-should-be-repaired/Please let us know of any update and we may be able to advise further if required.
Replies: 0
Hello,
We’ve been using WordFence on a few websites for years without any issues, but as of yesterday a couple of our sites (both hosted on the same server) give us this error message when we’re trying to scan them:
Scan Failed
The scan has failed because we were unable to contact the Wordfence servers. Some sites may need adjustments to run scans reliably. Click here for steps you can try.
The error returned was:
There was an error connecting to the Wordfence scanning servers: cURL error 7: Failed to connect to noc1.wordfence.com port 443: Connection refused
Other sites hosted on different servers don’t give this message and work/scan fine.