Replies: 1
Hi,
Is there a way to set up wordfence to block anyone trying a http url?
I am seeing, on my 404 tracking, that i am getting searches on http (which then go to my 404 page).
or am i worrying too much and they will all go to my 404?
Thanks
↧
Blocking http requests
↧
Unable to configure Firewall on Siteground
Replies: 0
Hello,
I’m trying to configure the firewall for a website hosted on Siteground. I followed the instructions and chose manual configuration, added the auto_prepend_file variable, checked that the .waf file is in place, but the diagnostic tab keeps telling me that waf auto prepend is not active.
Any suggestions? I really need to get the firewall up and running!
Thanks 🙂
↧
↧
Unable to Login using Edge to a WordPress site with 2FA
Replies: 0
If I am using Edge browser I cannot login into a WordPress site. I keep getting the folowing
“ERROR: An error was encountered while trying to authenticate. Please try again.”
I don’t even get to the 2FA part.
If I switch off 2FA then I can login to the site with no problems.
There is no problem if I use Chrome or Firefox. I have even tried Edge in Private Mode with no luck.
↧
Email address unsubscribed from alert emails with no authentication
Replies: 0
Hi,
I was looking through my live traffic log and saw a strange request coming into my server. I copied the link and pasted it into a sandboxed environment with no admin access to my site. The link was to unsubscribe my email address from receiving alert emails. I clicked in the confirmation button and to my surprise it worked. I was not asked for a username or password.
When I logged into an admin account on my server the wordfence plug in reported that the installation was not complete and I had to specify an alert email address.
The person who sent the request in the first place did not press the button to unsubscribe for some reason.
Surely the act of deleting an email address like this should require a valid username and password.
I saved the link that was used but obviously I wont post it here.
↧
Any Plans to Include Support for 3rd Party Popup Login Pages and Recaptcha?
Replies: 1
Are there any plans to include a way to support 3rd party login pages / popup modal forms?
I was searching for the solution and found this thread:
https://wordpress.org/support/topic/wordfence-recaptcha/
I understand that the plugin owner cannot support a bunch of random 3rd party login pages/plugins. But it seems this feature checks the recaptcha page. Wouldn’t it be possible to simply include some shortcode or something into the template/plugin file that would inject the Wordfence code to then perform that check or pass it over to Wordfence?
It seems like a fairly core function and many sites may want to use these custom login pages. What is the current thinking on this? For now, is the only solution to disable the recaptcha function?
↧
↧
Can’t access index.php
Replies: 0
I need to manually edit the main page to my site but all the index.php’s and index.html files I look in don’t show the code for the home page. I’m guessing wordfence has something to do with this. What do I need to do to get direct access again to edit the main page. How I can figure out what directory the main page is even in? I’m assuming it’s supposed to be /public_html no?
↧
Web Application Firewell: Installation Failed
Replies: 3
Hello, I’m trying to optimize Web Application Firewall, but when I press to configure it and after downloading HTACCESS, this message appears: “We were unable to make changes to the .htaccess file. It’s possible WordPress cannot write to the .htaccess file because of file permissions, which may have been set by another security plugin, or you may have set them manually. Please verify the permissions allow the web server to write to the file, and retry the installation “.
Well, I contacted my hosting provider (Aruba), I did the manual configuration with them, but then they told me that I absolutely cannot modify the php.ini file, otherwise the site falls! They told me to contact you. Please, help me, also because I’m really a beginner!!!
↧
Slow CF7 submission caused by WordFence
Replies: 1
Hi
I have CF7 throughout my site. It takes ages for the successful message to show. As a result customers are sometimes submitting three forms because they think it has gone wrong.
I have asked CF7 who said…… the problem is to be found in what happens after the submission, probably you have an antispam or something similar that while checking the mail takes a long time
I am using WordFence and wnted to know if there were problems with CF7 and if so could how do i change this?
thanks
Alex `
↧
BackupBuddy remote backups
Replies: 0
I have noticed a number of threads mentioning this issue but no apparent resolution.
Remote backups using BackupBuddy to a cloud folder or equivalent do not work when WordFence is active.
De-activate Wordfence and it works fine.
Is there a solution/work-around available?
With thanks
↧
↧
Country Blocking
Replies: 1
Does country blocking harm my Google rating, meaning not listing in top results? Thank you.
↧
Wordfence Scan failed
Replies: 0
Scan failed due to “The scan has failed to start. This is often because the site either cannot make outbound requests or is blocked from connecting to itself.”
checked the “Wordfence –> Tools –> Diagnostics” page to see if there are no errors showing Please
↧
Rejecting Users Saved Passwords
Replies: 0
Hi,
I’m having a weird issue with a site and whilst I’m not certain Wordfence is the cause, it seems like the most logical place to start.
Basically, even though users have their passwords saved to their devices so they are auto-filled, the site is rejecting them. This is not happening with a lot of users, but it does seem to be frequently happening to one of the Shop Managers, who is actually the client and not very happy about it.
The logs don’t show a reason for the failure, just the username and the fact it’s failed and code 200. The only thing I have noticed is that every failed login is showing a Page of “/admin-ajax.php” on top of the admin address for the backend. This seems weird to me but I don’t know enough about it to say if it is an issue or not.
Could anyone please offer any thoughts or insight into what might be causing this as it’s driving me mad and I can’t find a cause!
↧
URGENT! Site not loading after two days of installing wordfence
Replies: 0
Hi guys,
Please I’m freaking out, I can’t access the site, it just keeps loading until the connection is dropped. I’m using google cloud to host it, I try to connect through ssh tool, nothing, and looking through their documentation it points to some causes, mostly regarding firewall rules.
Here’s my thought, for some reason wordfence might not be allowing ssh connection (google ssh tool nor ftp, I use FileZilla), or even traffic from google services, as noted by them. The only thing I can think of that could’ve messed up with that is wordfence, it was the last plugin I installed and the last thing I modified.
Since I can’t access my site through ssh or ftp I can’t rename/delete it to check if it’s causing this problem. So, any previous cases? or ideas that you might suggest?
Thanks!
↧
↧
Wordfence + Cloudflare
Replies: 0
Hi,
Do Wordfence and Cloudflare (with Cache Everything rule) work well together? Are there any settings that should be changed for the two to play nice together and the site to stay protected?
Thanks!
↧
Scan terminated with error: The scan time limit of 3 hours has been exceeded
Replies: 1
Getting this error, Scan terminated with error: The scan time limit of 3 hours has been exceeded
Done following step
1. Time limit that a scan can run in seconds option, not sure it is taking hours or second so I have set it to 300000000000 but it still showing that the limit is 3 hours.
2. using Limited Scan, which exclude scanning binary file
3. exclude scan of wp-content/uploads/*
4. turned debugging option, following is the output.
[May 13 03:06:30] -------------------
[May 13 03:06:30] Scan interrupted. Scanned 291540 files, 25 plugins, 4 themes, 0 posts, 0 comments and 0 URLs in 3 hours 1 second.
[May 13 03:06:31] Wordfence used 40.07 MB of memory for scan. Server peak memory usage was: 127.07 MB
[May 13 03:06:31] Scan terminated with error: The scan time limit of 3 hours has been exceeded and the scan will be terminated. This limit can be customized on the options page. Get More Information
[May 16 00:01:32] Scheduled Wordfence scan starting at Sunday 16th of May 2021 12:01:32 AM
[May 23 09:32:12] Scan stop request received.
[May 23 09:42:21] Calling Wordfence API v2.26:https://noc1.wordfence.com/v2.26/?k=7a8871a62714114594c8d246730ad552f8e0f1e7676d7ca6407d62ec77c8a0b85b0cc0f1510b7b333102aec30a6bb887005d13052a2fa16d0a15d2b001b154febfa072812efd2db13374bef9c4be5e76&s=eyJ3cCI6IjUuNy4yIiwid2YiOiI3LjUuMyIsIm1zIjpmYWxzZSwiaCI6Imh0dHBzOlwvXC9uaW5qYWZvdW5kLmNvbSIsInNzbHYiOjI2OTQ4ODMxOSwicHYiOiI3LjMuMjgiLCJwdCI6ImNnaS1mY2dpIiwiY3YiOiI3Ljc2LjEiLCJjcyI6Ik9wZW5TU0xcLzEuMS4xayIsInN2IjoiQXBhY2hlIiwiZHYiOiIxMC4yLjM2LU1hcmlhREItbG9nIiwibGFuZyI6IiJ9&betaFeed=0&action=timestamp
[May 23 09:42:49] Ajax request received to start scan.
[May 23 09:42:49] Entering start scan routine
[May 23 09:42:49] Got value from wf config maxExecutionTime: 20
[May 23 09:42:49] getMaxExecutionTime() returning config value: 20
[May 23 09:42:49] Starting cron via proxy at URL https://noc1.wordfence.com/scanp/mydomain.com/wp-admin/admin-ajax.php?action=wordfence_doScan&isFork=0&scanMode=limited&cronKey=0512b47e4db89a6861c302b38fc8bc5f&k=7a8871a62714114594c8d246730ad552f8e0f1e7676d7ca6407d62ec77c8a0b85b0cc0f1510b7b333102aec30a6bb887005d13052a2fa16d0a15d2b001b154febfa072812efd2db13374bef9c4be5e76&ssl=1&signature=34c417a7a4d7dc1b539e7417732a94652cb9d113fea5582934661b93eeb6d37a
[May 23 09:42:49] Scan process ended after forking.
[May 23 09:46:14] Ajax request received to start scan.
[May 23 09:46:14] Entering start scan routine
[May 23 09:46:14] Got value from wf config maxExecutionTime: 20
[May 23 09:46:14] getMaxExecutionTime() returning config value: 20
[May 23 09:46:14] Starting cron via proxy at URL https://noc1.wordfence.com/scanp/mydomain.com/wp-admin/admin-ajax.php?action=wordfence_doScan&isFork=0&scanMode=limited&cronKey=5b172e59cdec3b0b35e33cb773dc3043&k=7a8871a62714114594c8d246730ad552f8e0f1e7676d7ca6407d62ec77c8a0b85b0cc0f1510b7b333102aec30a6bb887005d13052a2fa16d0a15d2b001b154febfa072812efd2db13374bef9c4be5e76&ssl=1&signature=f2bc6023bad08a151dd379ae93e62089f17e0e10a1cf803b9fd8690e5d7149f4
[May 23 09:46:14] Scan process ended after forking.
[May 23 09:52:58] Calling Wordfence API v2.26:https://noc1.wordfence.com/stats.json↧
Wordfence API error- scan will not run
Replies: 0
Hi,
When trying to run standard scan, getting repeatedly this error message:
`Scan Failed
The scan has failed because we received an unexpected response from the Wordfence servers. This may be a temporary error, though some sites may need adjustments to run scans reliably. Click here for steps you can try.The error returned was:
Wordfence API error: Your site did not send an API key when contacting the Wordfence servers.`
A few month ago the scan run normally. Any suggestions?
↧
Wordfence causing login error
Replies: 0
Hi there,
Over the past week or so I’ve encountered an error on my website where when logging in it will display an error “An error was encountered while trying to authenticate. Please try again”. The confusing thing is it doesn’t seem to occur on all computers. I can login fine on my PC, but I get the error when logging into the same user on my laptop.
When I get the error, I also get an error in the console, “Access to XMLHttpRequest at’http://site.co.uk/wp-admin/admin-ajax.php’ from origin ‘http://site.co.uk’ has been blocked by CORs policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.
The only thing that has fixed this is disabling Wordfence… I have tried reinstalling Wordfence, and downgrading to a previously working version.
Any ideas?
Thanks!
↧
↧
With Wordfence, how do I modify my htaccess file correctly?
Replies: 0
I would like to add some code to my htaccess file that had been successfully used prior to installing Wordfence.
How do I correctly make modifications to the htaccess file so that Wordfence will not think it is a hack?
Also, is there a way to tell Wordfence to allow access to the admin login page from only ip addresses I specify?
If instructions for these things exist, please direct me to them.
Thanks!
↧
cURL error 28: Connection timed out
Replies: 2
Since last update I receive on different WordPress installations (all running wordfence) the following error:
cURL error 28: Connection timed out after 10000 milliseconds (http_request_failed)
I already talked to my hoster but neither firewall nor security modules (e.g. mod_security) block the outgoing cURL requests. There have been noch changes on hoster site.
When Wordfence is deactivated everything is running fine (on both sites), so it seems to be related to the plugin and the last update.
Hopefully somebody can tell what what causes this error or solve it by an update.
Regards
↧
Wordfence Critical Error
Replies: 0
The moment I install WordPress, an error appears and I am no longer able to access my website:
There has been a critical error on this website. Please check your site admin email inbox for instructions.
Wordpress 5.7.2
Wordfence 7.5.3
Theme Twenty Twenty One 1.3
Is there PHP directions that I need to provide to my host?
↧