Channel: WordPress.org Forums » [Wordfence Security - Firewall, Malware Scan, and Login Security] Support

Character Encoding

Replies: 0

Wordfence changes my character encoding after activation and/or migration/move.

I am left with all these • /  / characters.

After I deactivate they disappear… annoying how to turn this off??

Thanks


Wordfence Firewall installer can’t write .htaccess

Replies: 1

The Wordfence firewall installer is reporting that it can’t write to .htaccess. I’ve checked the file permissions – which are correct. The installer has written the file wordfence-waf.php OK.

The server is managed by Plesk. So I added the auto_prepend entry to the PHP configuration in Plesk and the firewall configuration page then reported that Extended Protection is now configured. However it still hasn’t updated .htaccess. And it hasn’t written a .user.ini file either – although as I understand it, that does the same thing as the entry I added to the PHP configuration in Plesk. So I assume that’s not required.

That just leaves the entries in .htaccess

Any suggestion on how I get the installer to add the Wordfence WAF block that I can see it’s added to other sites where I’ve configured it?

Alternatively can I safely add that block to .htaccess manually?

(Or is it created dynamically depending on the server i.e. could it need something different in some cases?)

-200 Error Uploading Certain Images

Replies: 2

I have a strange issue happening and have found that Wordfence seems to be causing a -200 error when attempting to upload certain images into a gravity forms multi file upload field. I found it to be Wordfence because the error would not occur if the plugin was disabled. What’s even more strange is that it seems to only happen on Windows PCs (Don’t have a specific version, but have tested it on 10), but not all Windows 10 PCs. I’ve tested this on several PCs in our office with two of them being the same configuration, but the error does not occur on both PCs. Here is a screenshot of the error message http://pho.to/AQOa8

Notice: Undefined index: HTTP_CF_CONNECTING_IP

Replies: 0

I’m getting this error again in v6.2.2:
Notice: Undefined index: HTTP_CF_CONNECTING_IP in /home/geekdrop/public_html/mia/wp-content/plugins/wordfence/lib/wfUtils.php on line 650

Any ideas?

(NOTE: I tried to update this thread, but my posts weren’t showing up after clicking submit, so I had to start another thread.)

WordFence Activity Report Totally Inconsistent with My Blocked Emails

Replies: 0

I got a massive attack of attempted logins this week during one day. 1,300+/- blocked login attempts resulting in emails sent by WordFence to me. I then got the WordFence Activity Report and it is WAY different from the total of emails reporting blocked logins. The WordFence Activity Report says 430 blocked attempts but I have 1,300 emails reporting blocked attempts. Why the disparity???

Hundreds of attempts to access non-existent files

Replies: 1

Hi, I’m getting hundreds of requests for non-existent pages showing up in the live traffic panel. The IP address is my webhost. I think it may be related to the Wordfence scan. I attached a sample screenshot. And here is one of the entries:

Germany left http://friendsvps.org/ and tried to access non-existent page http://friendsvps.org/wp-content/themes/melos/images/widgets/twitter-bird-light-bgs.png
10/24/2016 6:50:58 PM (5 minutes ago) IP: 188.40.248.75 [block] Hostname: s6-248-75.thcservers.com
Browser: undefined
Serf/1.3.8 (mod_pagespeed/1.11.33.2-0)

It may be something else, but I’ve no idea where to look. Any ideas or guidance on what more detail I could provide are welcome.

wordfence screenshot

sorry can’t seem to get the embed to work,
https://www.dropbox.com/s/pkgdcd85xiq9mvo/wordfence_sample.png

php.ini > auto_prepend_file causes parse error

Replies: 1

I am attempting to set up Wordfence WAF.

I have created wordfence-waf.php in the root of the WP installation, and set permissions to 775, in addition to chgrp to the web group.

I’m using a host that allows for creation of an additional php.ini that is parsed in addition to the system php.ini, but does not allow exiting on system php.ini.

There doesn’t seem to be a problem reading the custom php.ini, but when applying it, I get a PHP parse error:

Parse error: syntax error, unexpected 'not' (T_STRING) in /home/public/wordfence-waf.php on line 3.

The auto_prepend_file directive is the only item in this custom php.ini:

$ cat php.ini
auto_prepend_file = '/home/public/wordfence-waf.php'

Additionally, I tried adding the following to my WP root .htaccess and the warning message did not go away:

<IfModule lsapi_module>
  php_value auto_prepend_file '/home/public/wordfence-waf.php'
</IfModule>

Using WordPress 4.6.1, Wordfence 6.2.2 and PHP 5.6.27.

csrf not valid conflict with Cloudflare


403 “potentially unsafe” error

Replies: 1

Hello

I’m using Contact Form 7 with file upload, and my customers are getting this error message:
403 forbidden
A potentially unsafe operation has been detected in your request to this site.

It is very annoying. I may lose many contact requests because of that error.
Is there a log list of all these blocked requests?

Can’t Complete Tour – WordfenceSitePerf not allowed to access page

Replies: 0

I just installed Wordfence and went through the tour that pops up. When I get to the stage with the button that says “Learn about site performance”, it goes to a not allowed page. Specifically this URL:

/wp-admin/admin.php?page=WordfenceActivity
…returns a page saying:
Sorry, you are not allowed to access this page.

What is going on? I’m a little stuck as someone just trying it out for the first time. 🙁
Otherwise Wordfence SEEMS to be working. I set up the firewall and went through the configuration settings one by one via the menu items in the sidebar. I also ran a scan which looked OK.
Any suggestions on how to fix or what page I’m not able to access and possibly why? Thanks!

Strange URLS visited showing in Live Traffic

Replies: 0

Live traffic shows the following:

United States United States visited https://greenvillageplace.com/
10/25/2016 9:50:20 PM (1 hour 20 mins ago) IP: 169.54.233.121 [block] Hostname: 79.e9.36a9.ip4.static.sl-reverse.com
Block this IP Block this network Run WHOIS on 169.54.233.121 See recent traffic

United States United States visited https://hetheruhealing.org/
10/25/2016 8:52:00 PM (2 hours 20 mins ago) IP: 169.54.233.117 [block] Hostname: 75.e9.36a9.ip4.static.sl-reverse.com
Block this IP Block this network Run WHOIS on 169.54.233.117 See recent traffic

United States United States visited https://behutet.net/
10/25/2016 11:40:37 PM (34 minutes ago) IP: 169.54.244.82 [block] Hostname: 52.f4.36a9.ip4.static.sl-reverse.com
Block this IP Block this network Run WHOIS on 169.54.244.82 See recent traffic

Can someone please explain why the visited sites listed above are showing since they don’t have anything to do with my website? I’ve had a few more of them too but they no longer appear in Live Traffic…Just wondering if I should block them…seems very suspicious to me.

[Resolved] Error on login

Replies: 1

Hi, I have a problem. I have logged in as admin, so I can change settings, but no one else can log in to the site, not even I as admin from another browser. I have this error in wfConfig.php.

Fatal error: Call to a member function bind_param() on boolean in /websites/123reg/LinuxPackage22/wa/tc/ht/watchthehype.com/public_html/wp-content/plugins/wordfence/lib/wfConfig.php

When I disable the plugin by renaming its directory, when a user tries to log in it always redirects to the login page. And I tried to install Wordfence Assistant, but it can’t be activated; it says “1 plugin activated”, but it’s not activated.

Lost blocks

Replies: 0

We had a lot of spam users registering, so I blocked them from the live traffic area. Now they are not blocked or not showing up in the history.

Unvalidated max_allowed_packet value results in an endless loop in WF and DoS

Replies: 1

Hello,

We have been experiencing a major issue on multiple WordFence user installations on our hosting platform – the wp_wfConfig table is suddenly getting filled with gigabytes of data. Upon inspecting the contents of the table, we see thousands of chunks of data with the same key, however the size of each chunk is different.

We were able to trace the issue to a while loop in wfConfig::set_ser (in lib/wfConfig.php around line 450). We believe that whenever set_ser is called while there’s an intermittent database issue, the value of max_allowed_packet may not always be read properly, and a negative $chunkSize may be calculated as a result.

This negative chunk size leads to an endless loop, because a non-positive value will always be smaller than the data length, and substr() called with various negative values results in chunks of various sizes being inserted into the table exactly as observed. This causes a denial of service for the web site, as it consumes the entirety of the disk space allocated for its database, and also causes WordFence to load the enormous chunked value into memory, resulting in out-of-memory conditions for the affected web site.

We are attaching a patch that adds a check for non-positive chunk sizes to bail out early in such case, as the value cannot be stored in those conditions anyway. We hope you find that useful.


diff -ur wordfence.orig/lib/wfConfig.php wordfence/lib/wfConfig.php
--- wordfence.orig/lib/wfConfig.php	2016-10-11 19:24:04.000000000 +0300
+++ wordfence/lib/wfConfig.php	2016-10-26 15:01:08.563019380 +0300
@@ -444,6 +444,12 @@
 		$dataLength = strlen($data);
 		$chunkSize = intval((self::getDB()->getMaxAllowedPacketBytes() - 50) / 1.2); //Based on max_allowed_packet + 20% for escaping and SQL
 		$chunkSize = $chunkSize - ($chunkSize % 2); //Ensure it's even
+
+		if ($chunkSize <= 0) {
+			wordfence::status(2, 'error', "Small or unreadable max_allowed_packet value resulted in negative chunk size for {$key}");
+			return false;
+		}
+
 		$chunkedValueKey = self::ser_chunked_key($key);
 		if ($dataLength > $chunkSize) {
 			$chunks = 0;
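
Review bot: the new guard `if ($chunkSize <= 0)` rejects only non-positive sizes, so a max_allowed_packet reading just above the 50-byte allowance (53, for example) still passes with a chunk size of 2 and the chunking that follows `if ($dataLength > $chunkSize)` would split the value into two-byte pieces; consider comparing against a sane minimum chunk size rather than zero. The log text says "negative chunk size" although the condition also covers zero, so "non-positive" would match the check. Since the bad value comes from getMaxAllowedPacketBytes(), validating it there as well would cover any other caller of that method.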

Best wishes,
The AwardSpace Administrator Team

P.S. While searching for the root cause of this issue, we also noticed that whenever a chunked value is stored, no check is being made if the key currently exists. We do not know if that’s intentional, however maybe it deserves a mention if it isn’t.
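
The failure mode reported in the post above, as an added example that is not part of the original post and is not Wordfence's code. The function `simulate_set_ser()`, its parameters and the loop condition are assumptions modelled on the post's description; only the two chunk-size lines and the guard come from the patch. The sample data and packet sizes are constructed and scaled down so that the chunk sizes are easy to read.

```php
<?php
// Added illustration, not Wordfence code: simulate_set_ser() and its
// parameters are hypothetical and model the loop shape the post describes.
function simulate_set_ser($data, $maxAllowedPacket, $withGuard, $iterationCap = 8)
{
    $dataLength = strlen($data);
    // Same arithmetic as the two context lines shown in the patch.
    $chunkSize = intval(($maxAllowedPacket - 50) / 1.2);
    $chunkSize = $chunkSize - ($chunkSize % 2);
    $result = array('chunkSize' => $chunkSize, 'rejected' => false,
                    'sizes' => array(), 'runaway' => false);

    // The guard the patch adds: refuse to chunk with a non-positive size.
    if ($withGuard && $chunkSize <= 0) {
        $result['rejected'] = true;
        return $result;
    }

    $chunks = 0;
    // Assumed loop condition. With a negative $chunkSize the product is
    // 0, -N, -2N, ... and never reaches $dataLength, so the loop never ends.
    while (($chunks * $chunkSize) < $dataLength) {
        if ($chunks >= $iterationCap) {
            $result['runaway'] = true; // cap exists only so this demo stops
            break;
        }
        // Negative start counts from the end; negative length drops bytes from the end.
        $piece = substr($data, $chunks * $chunkSize, $chunkSize);
        $result['sizes'][] = strlen((string) $piece); // one entry per row written
        $chunks++;
    }
    return $result;
}

$data = str_repeat('x', 100); // constructed 100-byte sample value
$cases = array(
    'packet size read correctly (100)'     => array(100, false),
    'packet size unreadable (0), no guard' => array(0, false),
    'packet size unreadable (0), guard'    => array(0, true),
);
foreach ($cases as $label => $case) {
    $r = simulate_set_ser($data, $case[0], $case[1]);
    printf("%-38s chunkSize=%4d rejected=%s runaway=%s sizes=[%s]\n", $label,
        $r['chunkSize'], var_export($r['rejected'], true),
        var_export($r['runaway'], true), implode(',', $r['sizes']));
}
```

In the unguarded case the loop is stopped only by the demo's iteration cap, and the recorded sizes differ from row to row, which matches the pattern the post reports seeing in the table.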

[Resolved] Russian language support

Replies: 2

Thanks for a good plugin!

Can you add Russian language support?


Wordfence Version 6.2.3 is ready to go!

Replies: 1

Greetings all. We have a point release for Wordfence today, version 6.2.3. Please update as soon as you are able.

  • Improvement: Reworked blocking for IP ranges, country blocking, and direct IP blocking to minimize server impact when under attack.
  • Improvement: Live traffic better indicates the action taken by country blocking when it redirects a visitor.
  • Improvement: Added support for finding server logs to the Diagnostics page to help with troubleshooting.
  • Improvement: Whitelisted StatusCake IP addresses
  • Improvement: Updated GeoIP database.
  • Improvement: Disabling Wordfence now sends an alert.
  • Improvement: Improved detection for uploaded PHP content in the firewall.
  • Fix: Eliminated memory-related errors resulting from the scan on sites with very large numbers of issues and low memory.
  • Fix: Fixed admin page layout for sites using RTL languages.
  • Fix: Reduced overhead of the dashboard widget.
  • Fix: Improved performance of checking for whitelisted IPs.
  • Fix: Changes to the default plugin hello.php are now detected correctly in scans.
  • Fix: Fixed IPv6 warning in the dashboard widget.

Thanks everyone for great comments and suggestions. Send any of those you might have to feedback@wordfence.com and someone will get back to you.
Keep in mind, the feedback address is not a place to request support.
Also, no support questions will be answered in this thread.
Free support requests can be posted at https://wordpress.org/support/plugin/wordfence
Our premium customers can open a ticket at http://support.wordfence.com

New update causes a Fatal Error

Replies: 1

Hi,

I recently updated the Wordfence plugin but it caused my wp-admin to shut down. I disabled all plugins then started again, and when I try to reactivate the Wordfence plugin it shows that the plugin caused a fatal error.

It happened after the latest update.

Our website: ProGeekers.com

Truncated require_once path

Replies: 1

Hi,

I’m getting a random (as far as I can see) error where the path to \wordfence\vendor\wordfence\wf-waf\src/lib/storage/file.php gets truncated in init.php’s require_once call.
I see this on both multi-site (affects all sites then) and regular WordPress installations, and it has been like this for the last few versions at least.
A reset of the app-pool fixes the issue until the next time it happens. When it happens I get a 500 error response from the site.

I’m on Windows Server 2008R2 SP1 with PHP 5.6.

Error log lines I see when it happens. The truncation differs between sites, but on the same site it’s always the same.

[26-Oct-2016 10:59:50 Europe/Stockholm] PHP Warning:  require_once(C:\path\to\site\wp-content\plugins\wordfence\vendor\wordfence\wf-waf\src\lib\storag): failed to open stream: No such file or directory in C:\path\to\site\wp-content\plugins\wordfence\vendor\wordfence\wf-waf\src\init.php on line 21
[26-Oct-2016 10:59:50 Europe/Stockholm] PHP Fatal error:  require_once(): Failed opening required 'C:\path\to\site\wp-content\plugins\wordfence\vendor\wordfence\wf-waf\src/lib/storage/file.php' (include_path='.;C:\php\pear') in C:\path\to\site\wp-content\plugins\wordfence\vendor\wordfence\wf-waf\src\init.php on line 21

Thanks in advance

Patrik

Comparing files when there is language changer

Replies: 1

I have a plugin called WP Native Dashboard that basically changes the language preference in admin. Wordfence seems to be confused by this and compares files like readme.txt with the wrong language and then displays a message saying it has been changed. I suggest that the plugin tries to determine the original language of the plugin when installed.

Can we block IPs with an undefined browser?

Replies: 0

Hello

Recently, my friend’s website seems to have been hacked. I installed Wordfence for him to check.
The scan showed no issues (merely an outdated Visual Composer).
But the live traffic shows a list of different IPs from multiple countries accessing the site and using this WordPress site to send e-mail (mail topic -> “please read fax message” or “new fax message coming” etc.)

This site is using the Postman plugin as an SMTP service.

Currently, I have two choices. The first is to block those IPs from live traffic each time T-T..
The second is to deactivate the Postman SMTP service to stop sending e-mail (SMTP via Google Mail).

Do you know this issue? (I did see a common message from Wordfence that all incoming IP traffic is using an undefined browser, so this may also be an (interim) way, if Wordfence can block IPs on the condition of an undefined browser.)

Any suggestions?
