Hi Brian,
I am running all plugins for a while now. I just never had the urge to modify the dashboard. By now I wanted to re-arrange stuff and ran into the "read-only mode". That's the best way I can describe it. I disabled all plugins and it went to RW again. Then started enabling until the problem was back. Wordfence was the switch. I could try disabling all but Wordfence to rule out a combination between it and another. Will try the cleanup also. I am about to go on vacation, so it may take a while for me to get back on this.
Thanx, so far!
Peter
↧
deepcore2 on "WordPress dashboard "locked" with wordfence enabled"
↧
GND13 on "[Plugin: Wordfence Security] Wordfence not running automatic scans"
Have upgraded sites to 6.0.11, but still seems to be a problem. Here is one screen shot from one website for Cron Viewer
Wordfence Cron Viewer
This page is used for debugging and shows a list of scheduled jobs on your system. Our staff may ask you to send them the data on this page as part of a troubleshooting process.
Wed, 15 Jul 2015 03:25:37 +0000 : wordfence_hourly_cron
Wed, 15 Jul 2015 04:39:48 +0000 : wp_update_plugins
Wed, 15 Jul 2015 04:39:48 +0000 : wp_update_themes
Wed, 15 Jul 2015 04:39:48 +0000 : wp_version_check
Wed, 15 Jul 2015 07:41:00 +0000 : wp_maybe_auto_update
Wed, 15 Jul 2015 10:01:30 +0000 : et_cron_check_account
Wed, 15 Jul 2015 12:04:05 +0000 : wordfence_start_scheduled_scan
Wed, 15 Jul 2015 13:00:00 +0000 : hmbkp_schedule_hook
Wed, 15 Jul 2015 23:58:52 +0000 : wp_scheduled_delete
Thu, 16 Jul 2015 00:25:37 +0000 : wordfence_daily_cron
Thu, 16 Jul 2015 00:32:02 +0000 : updraft_backup_database
Thu, 16 Jul 2015 01:04:17 +0000 : wp_scheduled_auto_draft_delete
Thu, 16 Jul 2015 12:57:37 +0000 : wordfence_start_scheduled_scan
Fri, 17 Jul 2015 12:27:44 +0000 : wordfence_start_scheduled_scan
Sat, 18 Jul 2015 12:19:26 +0000 : wordfence_start_scheduled_scan
Sat, 18 Jul 2015 17:00:00 +0000 : hmbkp_schedule_hook
Sun, 19 Jul 2015 12:36:42 +0000 : wordfence_start_scheduled_scan
Mon, 20 Jul 2015 12:57:31 +0000 : wordfence_start_scheduled_scan
Tue, 21 Jul 2015 00:32:02 +0000 : updraft_backup
Tue, 21 Jul 2015 12:33:04 +0000 : wordfence_start_scheduled_scan
Mon, 27 Jul 2015 06:00:00 +0000 : wordfence_email_activity_report
This is the last scan done and here is a snippet of the scan summary on the scan page.
[Jul 15 08:21:35]Scanning comments for URL's in Google's Safe Browsing ListSecure.
[Jul 15 08:21:36]Scanning for weak passwordsSecure.
[Jul 15 08:21:36]Scanning DNS for unauthorized changesSecure.
[Jul 15 08:21:36]Scanning to check available disk spaceSecure.
[Jul 15 08:21:36]Scanning for old themes, plugins and core filesSecure.
[Jul 15 08:21:43]Scan complete. Congratulations, no problems found.Scan Complete.
I have also included this
Wordfence connectivity tester
DNS lookup for noc1.wordfence.com returns: 69.46.36.8
STARTING CURL http CONNECTION TEST....
Curl connectivity test passed.
STARTING CURL https CONNECTION TEST....
Curl connectivity test passed.
Starting wp_remote_post() test
wp_remote_post() test to noc1.wordfence.com failed! Response was: Operation timed out after 10001 milliseconds with 0 bytes received
Starting wp_remote_post() test
wp_remote_post() test to noc1.wordfence.com passed!
↧
↧
deepcore2 on "WordPress dashboard "locked" with wordfence enabled"
Well, it was not that much to do. The data tabel removal did not do the trick. Uninstalling/reinstalling neither. The console says:
TypeError: e is undefined load-scripts.php:587:1480
"HTTP POST: ./?_task=mail&_action=refresh" app.min.js:62:389
"this.set_unread_count("INBOX",0,true,"");
" app.min.js:62:389
Use of getPreventDefault() is deprecated. Use defaultPrevented instead. notes-widget.min.js:2:0
Use of getPreventDefault() is deprecated. Use defaultPrevented instead. notes-widget.min.js:2:0
"HTTP POST: ./?_task=mail&_action=refresh" app.min.js:62:389
"this.set_unread_count("INBOX",0,true,"");
" app.min.js:62:389
NS_ERROR_FAILURE: Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsITaskbarTabPreview.invalidate] WindowsPreviewPerTab.jsm:406:0
NS_ERROR_FAILURE: Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsITaskbarTabPreview.invalidate] WindowsPreviewPerTab.jsm:406:0
NS_ERROR_FAILURE: Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsITaskbarTabPreview.invalidate] WindowsPreviewPerTab.jsm:406:0
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] bg_morning_1440x900.jpg
TypeError: a.widget is not a function load-scripts.php:15:28
Use of getAttributeNode() is deprecated. Use getAttribute() instead. jquery.tools.min.js:36:0
Use of getPreventDefault() is deprecated. Use defaultPrevented instead. jquery.tools.min.js:37:0
Use of getPreventDefault() is deprecated. Use defaultPrevented instead. notes-widget.min.js:2:0
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] plusi
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] request
no element found request:1:1
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] log
"HTTP POST: ./?_task=mail&_action=refresh" app.min.js:62:389
"this.set_unread_count("INBOX",0,true,"");
" app.min.js:62:389
NS_ERROR_FAILURE: Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsITaskbarTabPreview.invalidate] WindowsPreviewPerTab.jsm:406:0
Use of getPreventDefault() is deprecated. Use defaultPrevented instead. notes-widget.min.js:2:0
Use of getPreventDefault() is deprecated. Use defaultPrevented instead. notes-widget.min.js:2:0
Use of getAttributeNode() is deprecated. Use getAttribute() instead. jquery.tools.min.js:36:0
TypeError: a(...).sortable is not a function load-scripts.php:23:3138
Use of getPreventDefault() is deprecated. Use defaultPrevented instead. jquery.tools.min.js:37:0
"HTTP POST: ./?_task=mail&_action=refresh" app.min.js:62:389
"this.set_unread_count("INBOX",0,true,"");
" app.min.js:62:389Does that help?
↧
WFSupport on "WordPress dashboard "locked" with wordfence enabled"
Are you running this plugin? It looks like it is throwing a few warnings. It's probably unrelated and this one, (NS_ERROR_FAILURE) [nsITaskbarTabPreview.invalidate] WindowsPreviewPerTab.jsm:406, is probably nothing either (firefox message if my google-fu is working). A faster way to see if there is a conflict that might work would be to enable the javaScript Console and look for any errors in red when you refresh the dashboard page.
tim
↧
Accountteam on "[Plugin: Wordfence Security] Suspicious files?"
Hi Tim,
Thanks for the reply. I appreciate it! Files have been sent.
Thanks in advance.
Regards
↧
↧
tatianamedina on "[Plugin: Wordfence Security] Wordfence false positives (?) from BackupBuddy"
Hi,
I have the same problem here, but is with the file wp-track.php
I would like to know if is a false-positive case.
This file appears to be installed by a hacker to perform malicious activity. If you know about this file you can choose to ignore it to exclude it from future scans. The text we found in this file that matches a known malicious file is: "ZXZhbC".
↧
paravia on "[Plugin: Wordfence Security] WordFence locks out my server IP (?)"
I'd like to understand why WordFence has started to lock out my website IP address. My site is ahead-hosting.com, server IP 72.9.148.175.
Message from WordFence:
A user with IP address 72.9.148.175 has been locked out from the signing in or using the password recovery form for the following reason: Exceeded the maximum number of login failures which is: 2. The last username they tried to sign in with was: 'admin'
User IP: 72.9.148.175
User hostname: host.ahead-hosting.com
Note: 72.9.148.175 is my server IP address, not my own (or any users) IP address. As a consequence of this lock, not just me, but anyone, from ANY IP is locked out. (I am the host so I know how to log back in, I just need to know why it's happening).
↧
ghporras on "[Plugin: Wordfence Security] Sometimes Wordfence locked out from the signing in our users.."
Thanks Matt,
All error are:
"[Wordfence Alert] http://www.guerrerosmedellin.com User locked out from signing in"
A user with IP address 181.132.XXX.XXX has been locked out from the signing in or using the password recovery form for the following reason: Used an invalid username 'rafa' to try to sign in.
Here are my options in Wordfence: http://www.guerrerosmedellin.com/borrar/wordfence.png
Thanks a lot of,
↧
deepcore2 on "WordPress dashboard "locked" with wordfence enabled"
Nope, not using that plugin. The bowser is Waterfox. But chrome gives the same problem. That java console shows:
Uncaught TypeError: a.widget is not a function
Uncaught TypeError: Cannot read property 'plugins' of undefined
Uncaught TypeError: Cannot read property 'plugins' of undefinedtrigger.home.xs4all.nl/Pics/schermprintwordfenceprobleem.jpg
Best regards, Peter
↧
↧
deepcore2 on "WordPress dashboard "locked" with wordfence enabled"
<img src="http://trigger.home.xs4all.nl/Pics/schermprintwordfenceprobleem.jpg" alt="some_text">
↧
WFMattR on "[Plugin: Wordfence Security] Wordfence false positives (?) from BackupBuddy"
@tatianamedina, the wp-track.php file on your site is probably a different issue, and is likely to be a malicious file.
It is best to follow the steps in the instructions below, if it is a malicious file:
My site was hacked. How do I use Wordfence to clean it?
If you have the option to restore the original file, you can choose that (it might be part of a plugin, since I see at least one plugin uses this filename) -- but if you see the message "Not a core, theme or plugin file", you might only be able to delete it.
↧
jonahcoyote on "[Plugin: Wordfence Security] Wordfence false positives (?) from BackupBuddy"
Hello,
I've been seeing a lot of these notifications as well in the past month or two. Most times when I go and try to inspect the suspect file, it is already gone from the backupbuddy_temp folder. So I just ignore, or if it is still there, I just delete the file. Any update on whether or not these are legit malicious files would be great!
Thanks,
Jonah
↧
WFMattR on "[Plugin: Wordfence Security] Sometimes Wordfence locked out from the signing in our users.."
Thanks for the additional details. If the username listed in the error message above is a valid user, then it probably is a conflict between plugins -- from your screenshot, either the Oneall Social Login plugin you mentioned or possibly iThemes Security.
Turning off the Wordfence option "Immediately lock out invalid usernames" should let them log in again. If you like, you can enter common bad usernames, in the field below, "Immediately block the IP of users who try to sign in as these usernames", to block most of the bad users, while still letting real users through.
↧
↧
WFMattR on "[Plugin: Wordfence Security] WordFence locks out my server IP (?)"
You may need to change "How does Wordfence get IPs" in your Wordfence options. This happens most often if the server is running a "reverse proxy," so Wordfence needs to read the visitors' IP addresses differently.
Details of the various options are explained here:
http://docs.wordfence.com/en/Wordfence_options#How_does_Wordfence_get_IPs
↧
ghporras on "[Plugin: Wordfence Security] Sometimes Wordfence locked out from the signing in our users.."
ah perfect.. Thanks a lot of for the info..
I'll take a look
; )
↧
WFMattR on "[Plugin: Wordfence Security] Wordfence not running automatic scans"
Did you add or update any plugins around the 14th or 15th of the month? Or manually add any new security (such as blocking anything in .htaccess)? It looks like scheduled jobs for other parts of WordPress and other plugins are stuck as well.
I would first check for plugin/theme updates manually, since it looks like WordPress hasn't been checking since then -- if another plugin caused the problem, they might have released a new version to fix it.
↧
sunnywinter on "[Plugin: Wordfence Security] admin logins while login page is blocked via .htaccess"
Hi WFMattR,
Thanks for your fast reply.
I noticed that on other installations we have for some of our clients, where we use iThemes Security, the xmlrpc.php has been disabled via .htaccess. So we decided to do the same for this particular domain that runs with Wordfence.
Thanks for pointing this out, hopefully the login attempts will now be reduced to 0.
↧
↧
WFMattR on "[Plugin: Wordfence Security] Wordfence Alert massege modified core files"
Yeah, thinking back, I might not ask my hosting company if I had that come up, since it's hard for their support staff to know everything that happens behind the scenes.
I'm confident that the one-click installer was the reason for the change (and this would be strange items for a hacker to change), but it's up to you, if you feel safer starting from scratch.
↧
kga1978 on "[Plugin: Wordfence Security] WordFence Falcon - Twitter feed not updating"
Thanks again WFMattR. I'll look into ajax twitter widgets and see if they'd work. Otherwise I'll just stay with the basic caching
↧
sebak on "[Plugin: Wordfence Security] Wordfence Alert massege modified core files"
Ok thanks again.
Most of all I'm just not sure what that change would do, and with the VERY limited knowledge I have of coding, it still seems like a odd change for a hacker to do, but then again I don't know. For all I know, that little change could mean that all info passes through some port the hacker set up!;p i have no idea:)
I think I trust wordfence when it gives my the all clear.
↧
