Quantcast
Channel: WordPress.org Forums » [Wordfence Security - Firewall, Malware Scan, and Login Security] Support
Viewing all 33223 articles
Browse latest View live

remymedranda on "[Plugin: Wordfence Security] Keep getting api errors when trying to view files that were modified"

October 20, 2014, 7:21 am
$
0
0

I have site domains all with different names. So, Did exactly how you said, but still getting errors.

I've made sure all my sites have wordfence and are only searching within their own wordpress installation, and disabled config caching, but still didn't work.

So I unselected disable config caching, because I'm not having any trouble with my settings saving, but I couldn't get it to work.

After doing some tests on the other subdomains, I did have some success though, which leads me to believe maybe something else is going on we haven't thought of.

There were 2 warning messages on one of the sites I manage kylekushman.com. One of the warning messages did allow me to view the modified pages, the other one didn't. The one labeled,
Modified plugin file: wp-content/plugins/wysija-newsletters/views/front.php was the one that didn't work. But, Modified plugin file: wp-content/plugins/nextgen-facebook/readme.txt did allow me to view the file.

It also worked purelifeveganix.com for Modified plugin file: wp-content/plugins/store-locator/js/store-locator.js

BUT did not work for Modified plugin file: wp-content/plugins/new-user-approve/new-user-approve.php

OR http://www.purelifeveganix.com/?_wfsf=diff&nonce=4f5c4cb126&file=wp-content%2Fplugins%2Fwysija-newsletters%2Fviews%2Ffront.php&cType=plugin&cKey=wysija-newsletters%2Findex.php&cName=MailPoet%20Newsletters&cVersion=2.6.12

So it seems to be that maybe there is some error within that part of the plugin that's working for some files but not all. What could be the cause of this?

Other shared domain susieambrose.com didn't allow me to view modified file which was for: Modified plugin file: wp-content/plugins/wysija-newsletters/js/tinymce_init.js

Search

WFSupport on "[Plugin: Wordfence Security] Keep getting api errors when trying to view files that were modified"

October 20, 2014, 7:58 am
$
0
0

Can you screenshot the api error message and post here?

Thanks!

tim

zampai on "[Plugin: Wordfence Security] WordFence API error and Modified plugin file message"

October 20, 2014, 8:52 am
$
0
0

Well. This is not answering my question.

I agree, the core function of wordfence is to find differences between my files and the official ones. It worked perfectly until now, but :

1: I frequently receive a wordfence mail saying: "problem found, file has changed"

2: I clic "see how the file has changed" and wordfence responds :
- API error
or
- There is no differences.

I am still thinking that it is possible to do something to improve this behavior.
- I mean, why wordfence is not able to compare the files it is talking about ?
- Why it is telling me that there are differences while there are not ?

remymedranda on "[Plugin: Wordfence Security] Keep getting api errors when trying to view files that were modified"

October 20, 2014, 8:55 am

WFSupport on "[Plugin: Wordfence Security] WordFence API error and Modified plugin file message"

October 20, 2014, 8:57 am
$
0
0

Here's an idea. How about you send me a zipped folder with copies of the files that we claim or being modified. Just take them straight out of your server and give me the file bad so I know what folders they would be in and I can do a manual comparison. If it turns out that these are false positives and that will help us diagnose the problem.

Thanks

zampai on "[Plugin: Wordfence Security] WordFence API error and Modified plugin file message"

October 20, 2014, 9:09 am
$
0
0

Here is an example for API problem. Wordfence says "file has changed".
When I clic "see how the file has changed" I get "WordFence API error: An error occured trying to open the requested file." :
Here is my file :

<?php
defined('WYSIJA') or die('Restricted access');
class WYSIJA_view_front extends WYSIJA_view{
	var $controller='';
	function WYSIJA_view_front(){

	}
}

Here is the file just dowloaded from the official wordpress plugin directory :

<?php
defined('WYSIJA') or die('Restricted access');
class WYSIJA_view_front extends WYSIJA_view{
	var $controller='';
	function WYSIJA_view_front(){

	}

        /**
         * deprecated, but kept for conflict with plugin Magic action box
         * until it's fixed.
         * @param type $print
         */
        function addScripts($print=true){
        }
}

arielle81 on "[Plugin: Wordfence Security] False positives in translated WordPress versions (German)"

October 20, 2014, 10:17 am

fish911 on "[Plugin: Wordfence Security] I locked myself out, when I change the file name I'm still locked out."

October 20, 2014, 12:21 pm
$
0
0

Hi,
I'm in trouble here hope someone can help soon!! I got hit with Spam and some bot trying brute force my password over the last two days, so changed all my settings on wordfence to really secure. Well i logged in today to edited something installed a plugin and it locked me out. To many request by human or craweler. So I changed the name of the wordfence file and regained access to my site but when I went to reactivate wordfence it locked me back out.

I researched the wordfence support page and they said to download a fresh copy and activate it the then change all the settings, My problem is when I install a new copy and go to activate it, it then again locks me out...Please help!!

url: http://www.jrjbroofing.org

Thanks
Roger

https://wordpress.org/plugins/wordfence/

Search

fran4444 on "[Plugin: Wordfence Security] WordFence API error and Modified plugin file message"

October 20, 2014, 12:32 pm
$
0
0

Initially I too thought the email alerts of plugin files changes were too frequent, but now am grateful for a couple of reasons.

One is the notice a plugin might be in need of updates and I'm currently waiting for a few to get up to speed and fix issues before I can fully activated them.

And second, I would not have known that MailPoet (WYSIJA) hadn't properly removed all its files when I had deleted the plugin. *grrrr* Not happy with the discovery of these files sitting in the server. But WF had sent an alert about some file change and mystified, then discovered the residual junk. (It is possible it was my error in my hast to remove the plugin because of the recent hacks to MailPoet and didn't click the right buttons, but still, WF came through.)
------

Note, there is the possibility of a plugin being updated before checking WF notices. The alerts might still be there even after you have fixed/updated the plugins, and therefore it will look like a false call.

Thanks WF.

* * * *

benchpress on "[Plugin: Wordfence Security] 5.2.7 breaks login"

October 20, 2014, 1:14 pm
$
0
0

Since updating to 5.2.7, my site login is broken: after entering the username and password, I get an email from WF telling me that an administrator (i.e. I) logged in. However, I do not get redirected to the dashboard, instead the server connection breaks off after some time without transmitting any data.

If I disable WF, login works perfectly.

I have tried completely removing WF and re-installing. No change.

As you can probably guess, this is a total deal-breaker and I have removed WF from my site.

It may be relevant that I am using a shared SSL setup for the login and admin area using

define('FORCE_SSL_ADMIN', true);
define('FORCE_SSL_LOGIN', true);

Please let me know what further information you need to look into the issue. I have been unable to find 5.2.6 for regression testing, but it did work until I updated to 5.2.7.

https://wordpress.org/plugins/wordfence/

fish911 on "I'm being locked down by wordfence"

October 20, 2014, 1:17 pm
$
0
0

Thanks
Great Info "plugin author" I searched all morning, deleted the files renamed them, read the wordfence support forum and still no answerer. I'm so glad you posted this answer on the wordpress support thread. Awesome plugin "Wordfence Assistant plugin"! Probably the most useful I used in quite sometime. 5 star rating!! I highly recommend it..

I opened a thread asking this same question 10-mins ago. I will close it and direct traffic this way

Thanks again!

fish911 on "[Plugin: Wordfence Security] I locked myself out, when I change the file name I'm still locked out."

October 20, 2014, 1:20 pm

fish911 on "[Plugin: Wordfence Security] Wordfence is scanning forever"

October 20, 2014, 2:31 pm
$
0
0

Hello, is there a fix for this issue yet? I've tried the above suggestion following the link... Did not work, it's stuck in scan..

kater89 on "[Plugin: Wordfence Security] Wordfence Hacked?"

October 20, 2014, 3:02 pm
$
0
0

I install Wordfence on all of my clients websites including my own. All are kept up to date.

Today as I was looking at my content keywords in webmaster tools, all of the websites that have Wordfence installed are now showing spam words such as "besb", "swy" and some symbol I don't recognize.

This just started within the last week or so from what I can tell. (I looked at the keywords last week and their keywords were fine.)

Have you been having any other issues with other people's website?

I do have the free version installed on my sites and I have performed scans and all have come up clean.

Thanks

https://wordpress.org/plugins/wordfence/

tah1174 on "[Plugin: Wordfence Security] Wordfence, Block IP Address not working"

October 20, 2014, 6:50 pm
$
0
0

Am running Wordfence 5.2.7
When I go to Blocked IP's there is nothing in IP's blocked from site or IP's blocked from Login, and one entry from nearly 2months ago in throttled IP's.
There have been IP's that have attempted login (seen on the Live Traffic Tab) which breaks the wordfence login rules and they should have been blocked, but they do not appear in any of the lists. When I try to manually block the IP's, I enter the IP (I checked it is not in the list that Wordfence won't block), click Manually Block IP and it says Wordfence working, then finishes and the IP has not been added to any blocked lists. Please help!

https://wordpress.org/plugins/wordfence/

Search

crystalworlds on "[Plugin: Wordfence Security] Wordfence firewall prevent me from using Aweber blog broadcast"

October 20, 2014, 11:17 pm

Michael Albers on "[Plugin: Wordfence Security] Whitelist to bypass all rules"

October 20, 2014, 11:50 pm

stevem on "[Plugin: Wordfence Security] Keep getting api errors when trying to view files that were modified"

October 21, 2014, 2:06 am
$
0
0

I too am getting the same error for any modified file:
WordFence API error: An error occured trying to open the requested file.
when clicking on See how the file has changed in Modified plugin file.
View the file still works and I get the same result whatever the status of 'disable config caching'
It used to work, the previous one I checked was 1 month 17 days ago but now I cannot check it again.

Napalm44 on "[Plugin: Wordfence Security] Webshells detected by virus scanner in oldcagefs"

October 21, 2014, 3:15 am
$
0
0

I've just run cPanels virus scanner and its reported 5 " PHP.Trojan.WebShell-7 " files detected in oldcagefs\tmp

Is this directory anything to do with Wordfence? It contains several hundred files named 'sess_randomstringhere' and 'wordence01.tmp' (& 02,03 etc etc), as well as the infected files.

I've downloaded the files, but even my local anti-virus wont let me open them.

If they are not part of wordfence, maybe you would like me to send them to you, so you can incorporate some sort of defence into the plugin?

Thanks :)

https://wordpress.org/plugins/wordfence/

zampai on "[Plugin: Wordfence Security] WordFence API error and Modified plugin file message"

October 21, 2014, 4:20 am
$
0
0

Yes, for this part I agree with the big interest in wordfence.
I like also to be advised when a plugin need to update.

But I am still wondering why I frequently get "API error" when I clic "compare the files". Why WF can't open the files it is talking about differences ?

Viewing all 33223 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>