Quantcast
Channel: WordPress.org Forums » [Wordfence Security - Firewall, Malware Scan, and Login Security] Support
Viewing all 33169 articles
Browse latest View live

mountainguy2 on "[Plugin: Wordfence Security] Basic Caching -- Feature Request"

July 27, 2016, 5:12 am
$
0
0

Hello WF,
After a few months of website optimization I finally got around to enabling server-side caching. Idea was to use Wordfence Basic caching to eliminate installing yet another plugin (sigh).

Alas, I was appalled at how limited the Wordfence cache settings are. My main issue with Wordfence Caching is my site has two themes, one mobile and one desktop. I use a theme switcher that detects browser user agent. Wordfence Caching had little to nothing I could use to tune this, and I ended up with the well known problem of "theme swapping" occurring due to which theme happened to be the latest cached.

In any case, after about 12 hours of work, testing various plugins etc., I got WP Super Cache working quite well. If you guys ever get around to improving your cache options, they would be a good model. Not only does their software work with a mobile theme switcher system, but it has robust options controlling when the cache is refreshed.

The latter is important on a high traffic site with thousands of posts, and nearly constant administration. For example, in my case I've found the only way to get much benefit from caching is to "force" the entire site to be cached from the beginning, rather than waiting for caching to be automatically triggered. Likewise, rather than the cached files being deleted constantly, WP Super Cache allows one to set it up so they remain as static as desired.

Bummer to install yet another plugin, but one does what they must do.

(BTW, last time I tried Falcon Cache it simply didn't work, so once bitten I didn't go there this time and just stuck with trying your Basic Caching option. Perhaps I'll give Falcon another go in the future.)

Thanks for listening, MTN

https://wordpress.org/plugins/wordfence/

Search

ldeschenes on "[Plugin: Wordfence Security] readme.txt warnings"

July 27, 2016, 5:59 am
$
0
0

Hi,

I am running the French version of Wordpress.

Many times when upgrading plugins to a new versions, I get a warnings like last night: "Modified plugin file: wp-content/plugins/recent-posts-widget-extended/readme.txt" with text "This file belongs to plugin "Recent Posts Widget Extended" version "0.9.9.6" and has been modified from the file that is distributed by WordPress.org for this version. Please use the link to see how the file has changed."

It is always the readme.txt and yes it is sightly different.

Could you make make sure that you compare to the file distributed in the French version (instead of the original version).

https://wordpress.org/plugins/wordfence/

woober on "[Plugin: Wordfence Security] Unknown file in WordPress core"

July 27, 2016, 6:07 am
$
0
0

@alek75
Im experiencing the exact same thing as you are. Hope WF will reply to this

alek75 on "[Plugin: Wordfence Security] Unknown file in WordPress core"

July 27, 2016, 6:13 am
$
0
0

Good to know then maybe is just Wordfence .

Let's wait their answer

saddusaddu on "[Plugin: Wordfence Security] config.php file is Chinese in many sites"

July 27, 2016, 6:35 am
$
0
0

Last night someone attacked my site leaving a html file (... public_html/wp-admin/maint/chop.html) behind, which I deleted. Wordfence The site is working ok.
I then started going through all my sites trying to spot recent changes. And the most curious thing: in the attacked site + 2 others, the Wordfence config-php file has nothing but Chinese writing on it. (tried google translator, I think it mentions pandas.....)
㼼桰⁰硥瑩✨捁散獳搠湥敩❤㬩张桟污......

On one site I have the Premiun version and that one looked normal.
I installed a fresh installation on one site and just as I suspected, the original is not Chinese.
What is going on? I could not find anything else suspicious on my sites.

What to do? Scan is not reporting these.

https://wordpress.org/plugins/wordfence/

rjdougan on "[Plugin: Wordfence Security] Version 6.1.12 Undefined index: coreUnknown"

July 27, 2016, 6:53 am
$
0
0

What I am starting to see is the following PHP error being written to the error log in the wp-admin directory.

[27-Jul-2016 12:02:34 UTC] PHP Notice: Undefined index: coreUnknown in /home/xxxxx/public_html/wp-content/plugins/wordfence/lib/wordfenceHash.php on line 141

Not sure why I would want to turn off the scanning of the wp-admin and wp-includes directories.

fairwinds on "[Plugin: Wordfence Security] Wordfence Firewall on GoDaddy Shared Hosting Won't Install"

July 27, 2016, 7:05 am
$
0
0

I'm having the same issue with regard to installing the Firewall - get a constant message - "The changes have not yet taken effect. ..."

How does one KNOW the changes have occurred? Does Wordfence provide a message? I have noted that several posts have been made about this topic and no answer has been offered other than one post that said a miraculous fix may have been noted on her part. Thank you.

My installation is on a shared server with GoDaddy. All themes and plugins are current.

"The changes have not yet taken effect. If you are using LiteSpeed or IIS as your web server or CGI/FastCGI interface, you may need to wait a few minutes for the changes to take effect since the configuration files are sometimes cached. You also may need to select a different server configuration in order to complete this step, but wait for a few minutes before trying. You can try refreshing this page."

WFMattR on "[Plugin: Wordfence Security] ._ Unknown files in WordPress core (Version 6.1.11)"

July 27, 2016, 7:54 am
$
0
0

@Hue Marketing:
I've reopened it since this was originally your thread. I misunderstood your original request and thought you had meant the entire filename was "._", so can you give some examples of filenames? If you want to post the full list, please use pastebin.com or similar, and just post a link here (per WordPress.org rules for long posts).

@david: Some of the files in your list look suspicious -- I recommend checking our guide to cleaning a hacked website. If you need more help, please make a new post using the form at the bottom of the Wordfence forum here.

-Matt R

Search

kokoruz on "[Plugin: Wordfence Security] Unknown file in WordPress core"

July 27, 2016, 7:57 am
$
0
0

Same boat. Two of my sites were flagged. From my research I believe these files are added not by WordPress but rather by the install application within my control panel. I use Plesk. All my sites use this install method so I can keep up with managing plugins from one control panel. My desktop localhost WordPress installs running wamp for doing development before hosting do not contain these files which leads me t believe they are hooks that Plesk uses for WordPress management but I am still concerned that over 15 sites only 2 were flagged.

Read more about it here. https://talk.plesk.com/threads/where-does-plesk-download-wordpress-from.338548/

Loved to hear some feedback from other Plesk/WordPress Users. Thanks!

wfalaa on "[Plugin: Wordfence Security] Version 6.1.12 Undefined index: coreUnknown"

July 27, 2016, 8:02 am
$
0
0

Hi All,
Thanks for reporting this to us, I want to confirm that this is just a notice and it will not affect the functionality of a scan by any way.

It has been reported to our developers (with reference number: #2298) and it should be addressed soon.

If you have any problem other than this notice:
Notice: Undefined index: coreUnknown in /wordfence/lib/wordfenceHash.php on line 141
Please open a new post with more details about your issue, you can open a new post by using the form down at the bottom of this page.

Thanks, appreciate your help and contribution in Wordfence development.

wfalaa on "[Plugin: Wordfence Security] Undefined index"

July 27, 2016, 8:05 am
$
0
0

Hi paulcobb,
Thanks for reporting this to us, I want to confirm that this is just a notice and it will not affect the functionality of a scan by any way.

It has been reported to our developers (with reference number: #2298) and it should be addressed soon.

Thanks.

oneeyewebmaster on "[Plugin: Wordfence Security] Google Search Console Increase In Not Found Errors - Wordfence"

July 27, 2016, 8:13 am
$
0
0

Matt R

I am using wordfence security version 6.1.12 and this issue is still happening. My plugin is completely up to date and on the 22nd of June 2016 I received 404 crawl errors from google. ?wordfence_logHuman=1&hid=A8F5E3399E3F071781A15AB15828DDB6

My website is not in a sub directory.

Please let me know what I should do.

Thanks
Tony

wfalaa on "[Plugin: Wordfence Security] config.php file is Chinese in many sites"

July 27, 2016, 8:25 am
$
0
0

Hi,
Could you please make sure of the encoding used in your text editor while opening this file? make sure it's NOT set to "UTF-16", it should be in "UTF-8".

Also, try downloading this file on your local machine and open it using your favorite text editor, I mean don't check it using the text editor included in your hosting cPanel or something like that.

Keep me updated,
Thanks.

wfalaa on "[Plugin: Wordfence Security] how to exclude widget content from cache?"

July 27, 2016, 8:41 am
$
0
0

Hi,
Please let me know where exactly is your widget code that you don't want to cache it? is it in a widget file in your theme? or this is part of a plugin? if so, which plugin?

Generally, you can use doNotCache() function in your pages and Wordfence will stop caching any page request with this function call, the proper use of this function should be like that:

if (class_exists('wordfence')) {
        wordfence::doNotCache();
}

I think you can call this function in your widget file.

Let me know how it goes,
Thanks.

Franklin Seal on "[Plugin: Wordfence Security] TripAdvisor widget (javascript) in BeaverBuilder blocked"

July 27, 2016, 8:43 am
$
0
0

Yes, disabling WordFence allowed it to work. But, we do want WordFence to be on, so is there something we can do?

Search

rrosenthal on "[Plugin: Wordfence Security] Malware in wp-admin/_db_backups"

July 27, 2016, 8:44 am
$
0
0

The URL appears to be in a section of the database with many links ... some related to WP, others about news seemingly unrelated to WP. Almost appears like an rss feed.

saddusaddu on "[Plugin: Wordfence Security] config.php file is Chinese in many sites"

July 27, 2016, 8:53 am
$
0
0

Hi and thank you for your quick reply.
I am viewing them on my local computer with Notepad. Should not be because of character coding, because I can have all the files, the Chinese ones and the normal ones open at the same time and the spanking new one looks ok as does the one from the Premium version.

Is it normal that the config file changes even when I have not made any changes myself to the plugin's configuration. The time stamp of latest edit of the files was before I woke up.

tsabar on "[Plugin: Wordfence Security] how to exclude widget content from cache?"

July 27, 2016, 8:55 am
$
0
0

it is the content of the widget, not the widget itself. i have sidebar widgets with my phone number wrapped by google code that i don't want to cache.

if i tend to use the same 3 widgets to display the phone, perhaps i can find the widget "pages" that are called and insert your code there?

wflandon on "[Plugin: Wordfence Security] HHVM crashed"

July 27, 2016, 9:11 am
$
0
0

Hi Donghyeok Kang,

Can you run this from the command line?

hhvm -l /path/to/wp-content/wflogs/rules.php

This should let us know if the Wordfence Firewall rules have generated correctly.

Questions:
Have you been using Wordfence on HHVM for a while now?
Is the first version of Wordfence that has caused any problems?
On the Wordfence Firewall page, what is the current Firewall status?

nilbud on "[Plugin: Wordfence Security] Unknown file in WordPress core"

July 28, 2016, 12:28 am
$
0
0

Yeah it's the "security" in Plesk. Why they can't coordinate with wordfence must be because of some religious principle because it doesn't make any logical sense.

Viewing all 33169 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>