Replies: 1
I noticed that when I login to admin on my wp site I cant see my site name, insted I see this:
[+ADw-/title+AD4-Hacked By Mister Spy +ACYAJg Souheyel.+ADw-DIV style+AD0AIg-DISPLAY: none+ACIAPgA8-xmp+AD4-]
wordfence did not recognize this
↧
website was hacked please respond ASAP
↧
Login to WP is locked
Replies: 0
Hello
Recently I tour on wordfacne plug-in on my website. Unfortunately after log off I can’t log in. I receive e-mails from plugin.
This email was sent from your website “Dietetyka Kardiologiczna” by the Wordfence plugin at Thursday 13th of October 2016 at 12:01:39 PM
The Wordfence administrative URL for this site is: http://dietetykakardiologiczna.pl/wp-admin/admin.php?page=Wordfence
A user with username “Krystian” who has administrator access signed in to your WordPress site.
User IP: 84.10.12.34
User hostname: 84-10-12-34.static.chello.pl
User location: Warsaw, Poland
I was trying resolve problem myself unfortunately without success. Bellow I add what I already tried to do:
1. I Used URL from the e-mail to log in.
2. I carefully followed this solution: https://docs.wordfence.com/en/Help!_I_locked_myself_out_and_can%27t_get_back_in._What_can_I_do%3F
3. I turned off all plugins
4. I cleared htaccess and user.ini files
5. I deleted wordfance folder: wflogs, wfcache and file wordfence-waf.php
6. I also tried log in as a different user and using different IP
Still nothing. On the login page I enter user name and password, click enter and I only see progress icon and after a few seconds I came back to start point. I would be grateful for help me.
Regards
Krystian Gagoś
dietetykakardiologiczna.pl admin
↧
↧
Server crash after large number of POST requests to the wp-login.php
Replies: 0
Hi
Being a newbie I am not sure if I can prevent the issue below from happening via WordFence as it looks like a BruteForce attack.
Looking over the atop logs on the server, it looks like this was a mixture of a
large number of PHP processes and MySQL consuming a relatively large amount of CPU.
From the access logs, there was a large number of POST requests to the wp-login.php page of one of your sites, so it is possible this was being bruteforce attacked:
My host recommended I do the following:
I would recommend locking down access to the wp-admin.php and xmlrpc.php files on your WordPress installation to prevent further brute force attacks. Commonly, this is done by setting up a .htpasswd file to require dual authentication to access the WordPress admin area, or through installing a WordPress plugin to safely rename these files.
Do I need to do that even though I have WordFence installed? Is there something I can enable in WordFence that would stop this?
Many thanks
↧
Modified plugin files flagged in the most recent version of Jetpack
Replies: 0
Hi there!
My name is Jeremy, and I work on the Jetpack plugin.
Yesterday, we released Jetpack 4.3.2: we checked in all the new code in trunk, then copied all that code into a new tags/4.3.2 folder, and then changed the readme file’s stable version from 4.3.1 to 4.3.2 in both trunk and tags/4.3.2 to complete the release.
Unfortunately, a few WordFence users started receiving reports from WordFence about “Modified plugin files” in Jetpack. You can find some examples in this thread.
Is there anything we’ve done that triggered those warnings? Is there anything we can do to fix this, or that you can do on your end?
Thanks a lot!
↧
Scan hangs
Replies: 1
Every time I run a scan, it just hangs…the scan summary is stuck with these two lines:
[Oct 14 07:38:52]
Scanning file contents for infections and vulnerabilities
[Oct 14 07:38:52]
Scanning files for URLs in Google’s Safe Browsing List
The scan detailed activity seems stuck at various levels of the additional file scan section, but most recently here:
[Oct 14 07:39:18] Scanned contents of 382 additional files at 14.46 per second
The diagnostics page seems to show everything is ok. Please let me know how to proceed.
Thanks.
↧
↧
Large SQL backup file
Replies: 0
Hello,
For some reason our SQL log file is growing in a rapid pace (within 5 day it was around 17gb). Can someone help?
We checked the logs and majority of the calls came from wordfence.
Kind Regards,
Shahel Ahmed
↧
.htaccess files completely disappeared
Replies: 0
Hi there, at some point recently (not sure when exactly) my .htaccess file completely disappeared/ got renamed to htaccess-workaround (there is a file called that which has exactly the same content as the .htaccess file had) and so broke all the sites on my wordpress network 🙁
I’m pretty sure wordfence was to blame.
I’ve just managed to fix it but re-adding a copy from a backup but wondered how this might have happened and could be avoided in the future (I’ve only recently moved over to wordfence from ithemes security because that was causing loads of 500 errors due to how much stuff it adds to .htaccess and was hoping security plugin breaking site such issues were behind me). Has this happened to anyone else?
Here are my general server details for info:
General
OS: Linux
Server: Apache
PHP
v5.6.24-0+deb8u1
GD: 2.1.1-dev
Magic Quotes GPC: Off
Memory Limit: 512.0 MiB
Max Upload Size: 128.0 MiB
MYSQL
v5.5.52-0+deb8u1
Maximum No. Connections: 100
Maximum Packet Size: 16.0 MiB
Data Disk Usage: 65.0 MiB
Index Disk Usage: 19.5 MiB
↧
WORDFENCE and XAMPP problem
Replies: 0
Hi
The problem on local installation (XAMPP)
When I try to open my site localhost/mysite – my XAMPP is my closes unexpectedly.
If I add in the httpd.conf file
<IfModule mpm_winnt_module>
ThreadStackSize 8388608
</IfModule>
everything works …
Do you plan to resolve this problem in the plugin (inside plugin) in order to not have to make changes in httpd.conf file?
↧
Falcon Cache in Premium?
Replies: 0
Like everyone else I got the notifications that Falcon Cache will no longer be supported and to find an alternative. I just wondered if the premium version of WordFence will continue to support it? It would be worth it to pay. Having to remove and reconfigure caching on a fleet of 40-50 sites that have .htaccess and wpconfig write permissions off will be a huge PITA! Falcon Cache works so well. Why are you dropping it? Thanks.
↧
↧
async-upload.php 403 for not admins
Replies: 0
Hi !
I have a custom worpdress multisite install with frontend upload, since the last update all the users except admins can´t upload images.
I had to deactivate the plugin meanwhile, any solutions ?
Thanks !
↧
Recent update and image uploads
Replies: 4
Thanks for this great plugin. Been a godsend. Ran into a problem recently. Was there anything in the recent update that would have blocked image uploads? I started getting a forbidden operation message some on file uploads and others just failed. When I deactivate wordfence images are uploaded as expected.
Or is there something I might have changed in the options settings that would have done that if you could point to to that it would be great. Thanks
↧
PHP Warning: filesize(): stat failed
Replies: 0
I keep getting these repeated errors every day during scans.
[16-Oct-2016 00:30:37 UTC] PHP Warning: filesize(): stat failed for D:\path\to\wp/wp-content/cache/page_enhanced/www.sitedomain.com/post_category1/name-of-post-1/_index.html.old in D:\path\to\wp\wp-content\plugins\wordfence\lib\wordfenceScanner.php on line 247
[16-Oct-2016 00:31:07 UTC] PHP Warning: filesize(): stat failed for D:\path\to\wp/wp-content/cache/page_enhanced/www.sitedomain.com/post_category2/name-of-another-post/_index.html.old in D:\path\to\wp\wp-content\plugins\wordfence\lib\wordfenceScanner.php on line 247
[16-Oct-2016 00:31:12 UTC] PHP Warning: filesize(): stat failed for D:\path\to\wp/wp-content/cache/page_enhanced/www.sitedomain.com/post_category3/name-of-a-different-post/_index.html.old in D:\path\to\wp\wp-content\plugins\wordfence\lib\wordfenceScanner.php on line 247
[16-Oct-2016 00:31:16 UTC] PHP Warning: filesize(): stat failed for D:\path\to\wp/wp-content/cache/page_enhanced/www.sitedomain.com/path/to/a/page/_index.html.old in D:\path\to\wp\wp-content\plugins\wordfence\lib\wordfenceScanner.php on line 247
It’s always on the “.html.old” or the “.html” pages from W3 total cache. This just started happening a few weeks ago. I tried adding “*.old” and “*.html” to the exclude from scanning options but it doesn’t appear to be taking effect.
↧
WordFence “Your access to this site has been limited” Error
Replies: 0
How do I take off a ‘banned URL’? one of our customer uses a third party to edit their photos. I assign them an administrative privilege; however, they are having problem accessing website.
Here’s the error msg that i upload: http://hosetech.com/STC-error.png
in Wordfence “Rate Limiting Rules” – I changed everything to ‘Unlimited’; still the same error msg.
Thanks in advance for helping.
↧
↧
v6.2.2 White Screen
Replies: 1
Hi
I have the most recent version of wordfence installed but when I activate it, it gives me nothing but white screens.
It was working fine, so I think it is an issue with the latest version, but every time I turn it on, my site blanks out.
Please can you advise if there is an issue with the plugin?
Thanks
Sue
↧
Throttling besting blocking
Replies: 0
Reposting because previous topic received no responses.
https://wordpress.org/support/topic/throttling-besting-blocking/
Throttling appears to be taking precedence over blocking. The following entry for an IP address is in LiveTraffic several times.
“… blocked by firewall for TimThumb <= 1.33 – Remote File Download”
However, at the top of the page it says “Throttling IP XXX. Exceeded the maximum number of page not found errors per minute for humans.”
The IP address is not blocked in the htaccess file.
OR…
In looking at the LiveTraffic, the user/bot is changing their user-agent frequently, I’m guessing so that it appears to not always be the same person. Does this affect WF’s algorithm? Is this why the IP address is not actually blocked?
↧
Patterns for “Whitelisted URLs” in the Options
Replies: 0
What patterns are available for the Whitelisted URLs in the WF options?
Most of my client’s sites continually show an endlessly variety of entries in the live log for variations of the /apple-touch-icon.png and it would be nice if the dozens of hits wouldn’t show in the logs…
Ex:
apple-touch-icon-120×120-precomposed.png
apple-touch-icon-precomposed.png
apple-touch-icon-120×120.png
apple-touch-icon-152×152.png
etc….
This – /apple-touch*.png – didn’t work…
Thanks in advance for any input!
↧
User getting IP blocked after 1 attempt to login
Replies: 0
I have a new user (contributor access) and every time they try to login to the backend, the IP gets flagged/blocked for “5 wrong attempts”. The strange thing is that only 1 attempt was made.
I have manually unblocked the IP and the same thing has happened a couple of times.
I have another user which does not have this problem at all but this is the 1st user who has contributor status.
It’s as if the username is being blocked automatically but I do not have it listed here:
“Immediately lock out invalid usernames” – set to yes
“Immediately block the IP of users who try to sign in as these usernames” – this username is not listed
Any suggestions?
↧
↧
Site Is Being Attacked
Replies: 0
I’m getting emails from Wordfence every ten minutes saying things like:
The Wordfence Web Application Firewall has blocked 123 attacks over the last 10 minutes.
I’m happy that Wordfence is working, but I’m wondering if I should be doing anything? How long will this go on before they give up?
↧
Block on the IP range of our crawlers Bingbot and MSNbot
Replies: 0
Hi there,
I’m using wordfence and the problem I am having is that Bing’s crawlers are receiving an HTTP 403 Forbidden response when attempting to visit my sitemaps (this is also true for my site: http://www.therapy.brussels )
So I used the option: “Whitelisted IP addresses that bypass all rules” to add the ranges provided by Bing.
This is what I added:
157.55.39.[0-255]
191.232.136.[0-255]
207.46.13.[0-255]
40.77.167.[0-255]
131.253.38.67
131.253.24.2
Bing also provided me with this information, but I don’t know where to place it:
MSNbot IP’s:
131.253.38.67 => msnbot-131-253-38-67.search.msn.com
131.253.24.2 => msnbot-131-253-24-2.search.msn.com
So far I added the IPs at the beggining of the line in “Whitelisted IP addresses that bypass all rules” as you may see above.
But still my site can’t be properly indexed.
I will really appreciate guidance in how to sort this out.
Thanks in advance,
Cecilia.
↧
Wordfence is slowing the loading of my website by more than 30 seconds
Replies: 0
After various adjustments including slideshow picture size and optimizing the mySQL database, the only thing that made a difference in the load speed was disabling Wordfence.
I even tried reinstalling a fresh copy of Wordfence.
I tried turning off the Real Time Firewall.
All changes made no improvement except totally disabling Wordfence.
How can I tell my client to upgrade to the Premium when I am not sure the load time will still be way too slow?
↧