Quantcast
Channel: WordPress.org Forums » [Wordfence Security - Firewall, Malware Scan, and Login Security] Support
Viewing all 33152 articles
Browse latest View live

Had Falcon enabled – Update to 6.2.1 – Unable to access to switch off / uninstal

October 11, 2016, 11:20 pm
$
0
0

Replies: 21

Just updated to 6.2.1 and I had the Falcon engine enabled on a site using the free WordFence option. (It’s a test site which is a complete mirror of a production site).

I see no notice of the impending removal of Falcon, but the “Performance Setup” option has been remvoed from the sidebar menu.
I now have no way to disable or revert the Falcon engine settings.
I can still see the “Clear Cache” button in the top WP menu bar, but on clicking this, the front dashboard is reloaded.

Any clues?
I’ll hang off reverting to the previous version for a few hours until I see any response from you guys.

Search

[Resolved] Error on update to 6.21

October 12, 2016, 12:15 am
$
0
0

Replies: 2

On one of my sites I got an error – wordfence.php has been removed. I had to delete Wordfence via Cpanel and reinstall. Ok now, but any reason for the failure?

Error disabling Falcon

October 12, 2016, 3:41 am
$
0
0

Replies: 10

Hi,

if i disable Falcon i have forbidden error in the home.

I have also jetpack, if i disable jetpack, the web come again.

Firewall disable.

I don´t know if is´t a bug in Wordfence or Jetpack.

Regards

P.S.

Support for the Falcon and Basic cache will be removed

October 12, 2016, 8:51 am
$
0
0

Replies: 8

Why?
And why would you post this statement in my WP dashboard without any follow up information?
I searched the blog and there is no mention of this change.
Please elaborate.
Thanks.

hackers creating users

October 12, 2016, 9:08 am
$
0
0

Replies: 1

Hi,

Finding every few weeks a couple of new users created on my wordpress site.

How can I stop this? and has a back door been established now so anyone can come in and do this?
Will using the Wordfence Site Cleaning service help?

Need help!
Renee

Wordfence version 6.2.1 released

October 12, 2016, 12:59 pm
$
0
0

Replies: 0

Greeting all. We have a point release, version 6.2.2, to address an edge case that was reported.

  • Fix: Replaced a slow query in the dashboard widget that could affect sites with very large numbers of users.

Please update when you are able. Per usual, no support queries in this thread will be answered.

Does WF only monitor the wp-admin login?

October 13, 2016, 4:38 am
$
0
0

Replies: 2

Hi I have IP restricted my wp-admin page (so only my ip can access it) – but I’m still getting WF notifications that someone has tried to login using the wrong username.

Is it possible to know ‘where’ the attempt is being made on the website. The notifications give info about whom and the IP of where they are – but not the point of attack within the website.

H

Attacks from bots

October 13, 2016, 4:59 am
$
0
0

Replies: 2

Hello,

Our site crashes everytime we reach 350-400 visitors, it lose connection with MySQL database.We are using WordPress with Bunchy theme and the following plugins: Wordfence, W3 Total cache,WP QUADS,Buddypress,Snax,G1 Socials,Contact form 7,Mashshare Share Buttons, Spam Protection by CleanTalk,WP Popular posts,WP SOcial login,WP Missed Schedule,WPS Hide login. The server has 8GB RAM,120GB SSD,6CPU Cores@3.4GHz, 1 Gbps port ,OpenVZ Web Panel.
The hosting company support says that we have lots of bot’s attacks. Is there an option in the plugin which can prevent us from this? If not can you please give us another suggestion to fix the problem?

Thank you

  • This topic was modified 11 hours, 53 minutes ago by  Iveta.
Search

How can I unblock myself?

October 13, 2016, 6:52 am
$
0
0

Replies: 3

For error I blocked myself,
I tried to click “whitelist param from firewall” from live traffic but doesn’t work.
I tried to uninstall the plugin and re-install but nothing change.

PLease, help.

  • This topic was modified 10 hours, 5 minutes ago by  marcoatmac.

Wordfence creates files in global /tmp

October 13, 2016, 7:23 am
$
0
0

Replies: 1

I run wordfence on one cPanel account on my server and since the 9th of October I’ve been receiving regular emails from LFD (part of the CSF firewall) that there are suspicious files being created in /tmp. These are always of the name config.tmp.phFxui or attack.tmp.phFxui, and after some research I discovered that similarly-named files also exist in Wordfence’s local tmp dir.

Could anyone explain why this is happening? It’s definitely new behaviour. I’m on Version 6.2.2.

[Resolved] Newbie Advice

October 13, 2016, 9:59 am
$
0
0

Replies: 3

Hi

I am new to using WordFence. I am getting an email stating the below:

===

The Wordfence Web Application Firewall has blocked 147 attacks over the last 10 minutes. Below is a sample of these recent attacks:

October 5, 2016 1:50pm 213.22.250.173 (Portugal) Blocked for TimThumb <= 1.33 – Remote File Download
October 5, 2016 1:50pm 213.22.250.173 (Portugal) Blocked for TimThumb <= 1.33 – Remote File Download
October 5, 2016 1:49pm 213.22.250.173 (Portugal) Blocked for TimThumb <= 1.33 – Remote File Download
October 5, 2016 1:49pm 213.22.250.173 (Portugal) Blocked for TimThumb <= 1.33 – Remote File Download
October 5, 2016 1:49pm 213.22.250.173 (Portugal) Blocked for TimThumb <= 1.33 – Remote File Download
October 5, 2016 1:49pm 213.22.250.173 (Portugal) Blocked for TimThumb <= 1.33 – Remote File Download
October 5, 2016 1:49pm 213.22.250.173 (Portugal) Blocked for TimThumb <= 1.33 – Remote File Download
October 5, 2016 1:49pm 213.22.250.173 (Portugal) Blocked for TimThumb <= 1.33 – Remote File Download
October 5, 2016 1:49pm 213.22.250.173 (Portugal) Blocked for TimThumb <= 1.33 – Remote File Download
October 5, 2016 1:49pm 213.22.250.173 (Portugal) Blocked for TimThumb <= 1.33 – Remote File Download

==

Is there something I need to enable in Wordfence to stop these attacks?

Many thanks

Too many login attacks!!!

October 13, 2016, 11:43 am
$
0
0

Replies: 1

I have been getting literally too many login attacks from different IPS all of a sudden. Happened today, never really happened before in that much amount more than 200. Bit worried, are those legitimate?

Moved Site now Wordfence refers to old sub-site

October 13, 2016, 12:33 pm
$
0
0

Replies: 0

We were unable to write to X:\virtualservers\mand\sdl.surreydowns.org\wwwroot/wp-content/wflogs/ which the WAF uses for storage. Please update permissions on the parent directory so the web server can write to it.

But moved site to http://www.surreydowns.org all good but wordfence shows above error

Apols great plugin and still using the free one – as for my handful of websites cannot justify the costs over 12 month period.

Would appreciate an answer – suspect something simple?
WIll tweet when working

thanks !

What adds to amount of memory used in scanning?

October 13, 2016, 1:04 pm
$
0
0

Replies: 0

A simple question: What contributes to the Out of Memory Fatal Error during a scan? I’ve read talk that the number of plugins, both active and inactive, add to it. But what else? If I have extra folders of files off some of the WordPress folders would that contribute? Old themes?

I know that the file types to be omitted is set up and can be added to, so it’s not supposed to scan various large file types such as zip ,but am I missing something else that could be hogging the memory?

With 256 memory set up on my dedicated server, I’m still unable to get it working on 2 of 3 sites.

Wordfence update fails over and over, every version

October 13, 2016, 3:05 pm
$
0
0

Replies: 0

I have tried everything and can’t get Wordfence to update to the latest version every time it releases. I have been using it for a couple of years and this started about 9 months ago. I manage 15 WP installs and they all get the same issue – EVERY update. The only solution I have is to delete the plugin, reinstall and sign up again. For 15 sites this is a MAJOR PAIN.

Thing I have tried:
ø Deactivate / Update / Activate FAILED
ø Turn on Automatic Updates in Wordfence>Options FAILED
ø Turn off Automatic Updates in Wordfence>Options / Update FAILED
ø Check permissions through FTP file research FAILED
ø Check with ISP (iPower) for known or emerging issues FAILED

I feel like an idiot for sticking with it but I really like the features.

Any help!!

Search

403 forbidden problems after anouncement Wordfence

October 13, 2016, 6:14 pm
$
0
0

Replies: 26

Hi there,

after wordfence announced that falcon engine will be disabled in the next version, i got ”403 forbidden” messages on one of my pages on my site http://www.scriptium.nl

this happened wednesday. than the thing got worse and after a while i got some download attachement instead of the homepage of my site, like ”download.gz”

Alot of clients called me saying my site is inaccessible or they only see symbols. I have the same problem on my other site http://www.scriptiespot.nl, after the announcement of Wordfence. Both sites seem to work on Internet Explorer (although not for everyone) but not on chrome. Other people saying to me that the sites work on chrome. So it’s very confusing.

I see that another person on this forum has got the same problem.

i have the latest version of wordpress.

Unknown File In WordPress Core

October 13, 2016, 6:53 pm
$
0
0

Replies: 1

Hi

I have 3 messages stating Unknown File In WordPress Core.

1
Unknown file in WordPress core: wp-admin/php.ini
Filename: wp-admin/php.ini
File type: Core
Issue first detected: 11 hours 6 mins ago.
Severity: Warning
Status New
This file is in a WordPress core location but is not distributed with this version of WordPress. This is usually due to it being left over from a previous WordPress update, but it may also have been added by another plugin or a malicious file added by an attacker.

2

Unknown file in WordPress core: wp-admin/phpinfo.php
Filename: wp-admin/phpinfo.php
File type: Core
Issue first detected: 11 hours 6 mins ago.
Severity: Warning
Status New
This file is in a WordPress core location but is not distributed with this version of WordPress. This is usually due to it being left over from a previous WordPress update, but it may also have been added by another plugin or a malicious file added by an attacker.

3

Unknown file in WordPress core: wp-admin/LOG_FILE
Filename: wp-admin/LOG_FILE
File type: Core
Issue first detected: 11 hours 6 mins ago.
Severity: Warning
Status New
This file is in a WordPress core location but is not distributed with this version of WordPress. This is usually due to it being left over from a previous WordPress update, but it may also have been added by another plugin or a malicious file added by an attacker.

I find this strange as how could it be left over from a previous version of WordPress? I am too scared to delete them in case my site crashes. What should I do?

Google Robots Requesting Access To WP Admin

October 13, 2016, 7:01 pm
$
0
0

Replies: 1

Hi

My robots file is currently blocking /wp-admin

Google Webmasters (search console) is asking me to unblock it.

What are the dangers of me doing this and what would be your recommendation?

Thanks in advance. Awesome product you got 🙂

White Listed IP Errors

October 14, 2016, 1:33 am
$
0
0

Replies: 0

Hello,

I’m trying to save a short list of 4 IP address ranges for a CLoud Firewall service. I have entered them in with the ****.[00-99] brackets with commas, without commas on separate lines, on seperate lines with no commas and I get this error message;

An error occurred

Please make sure you separate your IP addresses with commas. The following whitelisted IP addresses are invalid:

So what is the problem? Are the IP addys invalid because they’re on a private network or is the formatting wrong even though I’ve tried every combination per the instructions?

Wordfence blanks my site

October 14, 2016, 3:04 am
$
0
0

Replies: 0

My site shows only a blank page, unless I remove WordFence from my plugin directory.

This is reported in the error.log, after a reboot I hoped would solve the issue:

[Fri Oct 14 11:24:01.568621 2016] [:error] [pid 1145] python_init: Python version mismatch, expected '2.7.5+', found '2.7.9'.
[Fri Oct 14 11:24:01.584874 2016] [:error] [pid 1145] python_init: Python executable found '/usr/bin/python'.
[Fri Oct 14 11:24:01.585089 2016] [:error] [pid 1145] python_init: Python path being used '/usr/lib/python2.7/:/usr/lib/python2.7/plat-arm-linux-gnueabihf:/usr/lib/python2.7/lib-tk:/usr/lib/python2.7/lib-old:/usr/lib/python2.7/lib-dynload'.
[Fri Oct 14 11:24:01.585228 2016] [:notice] [pid 1145] mod_python: Creating 8 session mutexes based on 150 max processes and 0 max threads.
[Fri Oct 14 11:24:01.585426 2016] [:notice] [pid 1145] mod_python: using mutex_directory /tmp
[Fri Oct 14 11:24:01.919109 2016] [mpm_prefork:notice] [pid 1145] AH00163: Apache/2.4.10 (Raspbian) mod_python/3.3.1 Python/2.7.9 OpenSSL/1.0.1t configured -- resuming normal operations
[Fri Oct 14 11:24:01.919391 2016] [core:notice] [pid 1145] AH00094: Command line: '/usr/sbin/apache2'
[Fri Oct 14 11:25:48.471841 2016] [:error] [pid 1266] [client 192.0.102.40:4604] PHP Fatal error:  Maximum execution time of 30 seconds exceeded in /var/www/paulguijt/wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/lib/parser/lexer.php on line 503
[Fri Oct 14 11:26:10.861592 2016] [:error] [pid 1267] [client 54.217.201.243:46674] PHP Fatal error:  Maximum execution time of 30 seconds exceeded in /var/www/paulguijt/wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/lib/parser/lexer.php on line 503
[Fri Oct 14 11:26:12.821662 2016] [:error] [pid 1821] [client 54.232.116.4:2617] PHP Fatal error:  Maximum execution time of 30 seconds exceeded in /var/www/paulguijt/wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/lib/parser/lexer.php on line 503
[Fri Oct 14 11:26:13.871646 2016] [:error] [pid 1269] [client 122.248.245.244:52601] PHP Fatal error:  Maximum execution time of 30 seconds exceeded in /var/www/paulguijt/wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/lib/parser/lexer.php on line 503
[Fri Oct 14 11:28:14.916968 2016] [:error] [pid 1268] [client 82.161.149.101:20289] PHP Fatal error:  Maximum execution time of 30 seconds exceeded in /var/www/paulguijt/wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/lib/utils.php on line 437, referer: http://paulguijt.nl/2016/02/auto-zonder-pedalen/
[Fri Oct 14 11:29:13.907098 2016] [:error] [pid 1826] [client 192.0.102.40:53233] PHP Fatal error:  Maximum execution time of 30 seconds exceeded in /var/www/paulguijt/wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/lib/utils.php on line 437
[Fri Oct 14 11:29:35.534006 2016] [core:alert] [pid 1267] [client 199.16.156.124:20768] /var/www/paulguijt/wp-content/uploads/.htaccess: php_flag not allowed here
[Fri Oct 14 11:29:35.537257 2016] [core:alert] [pid 1825] [client 199.16.156.125:35303] /var/www/paulguijt/wp-content/uploads/.htaccess: php_flag not allowed here

Apache 2.4.10
PHP Version: 5.6.26-0+deb8u1

How can I get Wordfence working again?

Regards,
Paul

Viewing all 33152 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>