Disable possible? Scan Termination due to time limit

August 20, 2017, 9:45 pm

≫ Next: Scans not starting automatically

≪ Previous: Unable to open /wflogs/ips.php for reading and writing

Replies: 0

The scan was terminated early because it reached the time limit for scans. If you would like to allow your scans to run longer, you can customize the limit on the options page: https://your.wordfence.website.com/wp-admin/admin.php?page=WordfenceSecOpt or read more about scan options to improve scan speed here: https://docs.wordfence.com/en/Scan_time_limit

Some of us know this very well, it’s all we see, we read go to links nothing changes. Can we just turn it off, and take all the time you like….
This time out stuff I have no time for time outs.

Thank you for your consideration

↧

Scans not starting automatically

August 21, 2017, 2:22 am

≫ Next: WordFence blocking all users!

≪ Previous: Disable possible? Scan Termination due to time limit

Replies: 0

I am running the free version of Wordfence on a few websites but the scans are not running every 72 hours as stated in the documentation. I can run scans manually and I have tried ticking ‘Start all scans remotely’.

I have also been through this support document: https://docs.wordfence.com/en/My_scans_aren%27t_starting._What_would_cause_that%3F
Going to http://www.example.com/wp-admin/admin-ajax.php returned 0, I have not password protected wp-admin and the servers are not blocked as far as I can tell.

Under Tools > Diagnostics, Connecting back to this site, all the sites give the following error:
wp_remote_post() test back to this server failed! Response was: cURL error 7: Failed to connect to (domain here) port 80: No route to host

Is something on the host server stopping the scans from starting automatically?

This topic was modified 1 hour, 32 minutes ago by tanitan.

↧

WordFence blocking all users!

August 21, 2017, 3:27 am

≫ Next: Unknown IP logged on ‘as me’?? During Firewall learning mode

≪ Previous: Scans not starting automatically

Replies: 0

Hello,

I have been using Wordfence for so long and never had any issues. Today I came across one and it is really weird.

I was unable to access the site – I get an error “Your access to this site has been limited”. I was informed by customers that my site is inaccessible from their locations as well. I tried multiple ISPs and tried connecting through a VPN, same thing! Basically, my website was locked safely by Wordfence and nobody could see it 🙁

See screenshot: http://imgur.com/a/YdsaS

Though the message says “The reason your access was limited is: “Blocked by login security setting.” – I didn’t try to login, just visiting my website homepage.

I used the email form and got access to the Wp-admin and I see that in the firewall stats the maximum blocks have been with my own server IP! I do not know how & why it is blocking my own server IP.

See screenshot of my server IP in the blocked list: http://imgur.com/a/Q83lt

I enabled Live Traffic and see that most blocks are for the following
Screenshot 1: http://imgur.com/a/KhCDg
Screenshot 2: http://imgur.com/GlEQev7

Clearing the blocked IPs enabled access to the site but the same problem has cropped up after a few minutes.

I have disabled Wordfence for now.

What could be the reason for this?

↧

Unknown IP logged on ‘as me’?? During Firewall learning mode

August 21, 2017, 2:24 pm

≫ Next: scan find ‘no problems’ but then appends errors text

≪ Previous: WordFence blocking all users!

Replies: 1

worried as this hapenned while no firewall in place during learning mode PLUS i have newspaper theme (traffic trade)
came back to wordpress today from aiowp. firewall was in learning more for 2 hours while i went through as much as possible as quickly as possible – posts plug in settings etc as per instructions.
finished, all looked ok, put firewall into enabled mode.
during that time had rec’d email notifying me that my own user login name had been used for an unknown IP addy in paris france. tried to block it with response – you can’t block your own ip.
wordfence showing this ip as currently logged in.
looked in aiowp (which i have turned off its security and firewall but not yet disabled it) and it is showing me alone at my correct ip address.
back to wordfence and it is showing me the pages visited by that login in my name, neither of which i have visited today.
on live traffic it shows this french ip address making several login attempts before it got in
so i’m pretty worried someone is actually in my site now.
only other peculiar thing to mention is that at the end of the first and successful scan, despite a ‘no problems’ outcome, at the end of detailed scan it had this text
[Aug 21 22:20:49] Notice: Undefined index: adrotate-pro/adrotate-pro.php in /home/gibbsyns3/public_html/wp-content/plugins/adrotate-pro/library/update-api.php on line 73 Notice: unserialize(): Error at offset 0 of 2136 bytes in /home/gibbsyns3/public_html/wp-content/plugins/js_composer/include/classes/updaters/class-vc-updating-manager.php on line 149 Warning: Creating default object from empty value in /home/gibbsyns3/public_html/wp-content/plugins/js_composer/include/classes/updaters/class-vc-updating-manager.php on line 118 Notice: Undefined property: stdClass::$sections in /home/gibbsyns3/public_html/wp-content/plugins/js_composer/include/classes/updaters/class-vc-updating-manager.php on line 119 0

wp 4.8.1 newspaper 8.1 theme php 7.1

↧

scan find ‘no problems’ but then appends errors text

August 21, 2017, 3:47 pm

≫ Next: Rename WP-content name

≪ Previous: Unknown IP logged on ‘as me’?? During Firewall learning mode

Replies: 0

reinstalled wordfence, at the end of the first and successful scan, despite a ‘no problems’ outcome, at the end of detailed scan it had error text (below)

it is showing it on every wordfence page and is big n red at the top of the ‘view activity log’ page, but that doesn’t fit in with the no problems found outcome.

any help on what it is, whether serious and what to do, much appreciated.

wp 4.8.1 newspaper 8.1 theme php 7.1

[Aug 21 22:20:49:1503346849.806444:1:error] Notice: Undefined index: adrotate-pro/adrotate-pro.php in /home/gibbsyns3/public_html/wp-content/plugins/adrotate-pro/library/update-api.php on line 73 Notice: unserialize(): Error at offset 0 of 2136 bytes in /home/gibbsyns3/public_html/wp-content/plugins/js_composer/include/classes/updaters/class-vc-updating-manager.php on line 149 Warning: Creating default object from empty value in /home/gibbsyns3/public_html/wp-content/plugins/js_composer/include/classes/updaters/class-vc-updating-manager.php on line 118 Notice: Undefined property: stdClass::$sections in /home/gibbsyns3/public_html/wp-content/plugins/js_composer/include/classes/updaters/class-vc-updating-manager.php on line 119 0

↧

Rename WP-content name

August 21, 2017, 11:35 pm

≫ Next: Plugin Update Alerts and CRON

≪ Previous: scan find ‘no problems’ but then appends errors text

Replies: 0

HI,

I just installed Wordfence, is their any major setting required? any tutorial videos?

I want to Rename the folder name wp-content is this possbile with your plugin.?

↧

Plugin Update Alerts and CRON

August 22, 2017, 1:40 am

≫ Next: Bug report: wrong memory evaluation

≪ Previous: Rename WP-content name

Replies: 0

Very quick on to check if anyone has figured a way around this.

We like having alerts on for updates etc but we also have multiple WordPress sites set to autoupdate plugins.

The issue comes that many times WF will email a plugin update alert ‘before’ the cron runs on the WordPress site to auto update it.

There is no way to turn off update alerts solely for plugins so bit baffled how to resolve this one as we’re getting a significant amount of emails now owing to multiple sites.

↧

Bug report: wrong memory evaluation

August 22, 2017, 5:45 am

≫ Next: Setup Wordfence Web Application Firewall

≪ Previous: Plugin Update Alerts and CRON

Replies: 0

Hello,

I just want to report an erroneous assertion of the memory_limit in the wordfence.php file on line 38.

It reads if((int) @ini_get('memory_limit') < 128){.
However, if the server memory setttings is set to unlimited (-1), this condition becomes true thus altering the memory config.
Of course unlimited being over 128, this setting should therefore not apply.

This was spotted while running independant and resources heavy CRONs which required more than 128M.

Regards and props for an otherwise great product.

This topic was modified 7 minutes ago by ergeais.

↧

Setup Wordfence Web Application Firewall

August 18, 2017, 11:06 am

≫ Next: Bug report: wrong memory evaluation

≪ Previous: Bug report: wrong memory evaluation

Replies: 1

I am on a cluster server and not sure I can access php.ini. What do I need to manually add to the HTACCESS File as I can access that?

Thanks

Adrian

This topic was modified 3 days, 18 hours ago by aceaid.

↧

Bug report: wrong memory evaluation

August 22, 2017, 5:45 am

≫ Next: Undefined offset: 9 in wordfenceClass.php on line 7125

≪ Previous: Setup Wordfence Web Application Firewall

Replies: 0

Hello,

I just want to report an erroneous assertion of the memory_limit in the wordfence.php file on line 38.

This was spotted while running independant and resources heavy CRONs which required more than 128M.

Regards and props for an otherwise great product.

This topic was modified 2 hours, 43 minutes ago by ergeais.

↧

Undefined offset: 9 in wordfenceClass.php on line 7125

August 22, 2017, 7:09 am

≫ Next: What goes in my .gitignore file for Wordfence?

≪ Previous: Bug report: wrong memory evaluation

Replies: 0

Have seen a series of these (prehaps 15) since 21-Aug-17:

[21-Aug-2017 20:02:23 UTC] PHP Notice: Undefined offset: 9 in /home/XXXX/wp-content/plugins/wordfence/lib/wordfenceClass.php on line 7125

This site is a premium user.

This topic was modified 1 hour, 19 minutes ago by FeralReason.

↧

What goes in my .gitignore file for Wordfence?

August 22, 2017, 8:45 am

≫ Next: should enqueue minified jquery.dataTables.js

≪ Previous: Undefined offset: 9 in wordfenceClass.php on line 7125

Replies: 0

I am developing my website locally on my Macbook Pro using:

Roots Bedrock WordPress
Docker
Git (on Bitbucket)

I have just installed Wordfence and I added all it’s files to version control under Git.

Then when using Git I noticed that the following Wordfence file is constantly being updated;

– wflogs/config.php

I searched for info on the Wordfence FAQ and this forum, but there is no definitive information I can find on whether I should track this file on Git (and by implication, deploy it to my staging or live sites), or not (ie add it to my .gitignore file and not deploy it).

So, my two specific questions are:

What are the Wordfence files that I should NOT be tracking using Git?
If I do not track certain Wordfence files, does it affect my deployment strategy to my staging and live sites?

Thanks,
Henry

This topic was modified 24 minutes ago by henscu.

↧

should enqueue minified jquery.dataTables.js

August 22, 2017, 1:34 pm

≫ Next: blocked by login security setting

≪ Previous: What goes in my .gitignore file for Wordfence?

Replies: 0

You include a minified version of jquery.dataTables.js but you only enqueue the unminified version.

Since the unminified version is soooo much smaller, I would be helpful if you enqueued that instead (and not even bother including the unminified version).

↧

blocked by login security setting

August 22, 2017, 3:52 pm

≫ Next: Would Disabling wp-cron affect wordfence

≪ Previous: should enqueue minified jquery.dataTables.js

Replies: 3

Hi Team,

Been using WF for a while now and all in all, great plugin.

But I’m wondering in fact I am using it correctly as it seems to block everything as I am getting :

‘blocked by login security setting’

Now I don’t want us to appear as blocking every genuine visitor thus irritating them.

How can I get this right so we’re friendly but protected by those who seem malicious?

Would like to upgrade sometime soon once we get this right 😉

Hope that makes sense.

Regards

↧

Would Disabling wp-cron affect wordfence

August 22, 2017, 5:45 pm

≫ Next: Stop email alerts for updates

≪ Previous: blocked by login security setting

Replies: 1

If, for performance issues, disabled wp-cron and executed it instead periodically
from the system cron, would it adversely affect Wordfence?

Joe c

↧

Stop email alerts for updates

August 22, 2017, 11:23 pm

≫ Next: Warning: Creating default object from empty value in class-vc-updating-manager.p

≪ Previous: Would Disabling wp-cron affect wordfence

Replies: 0

I manage quite a lot of websites and don’t need the constant stream of emails telling me about themes and plugins that need updating.

I use something else for that.

How do I turn these emails off without turning off emails about possible security breaches/issues?

Every day it’s an inbox crammed with Wordfence emails. Would appreciate some help with this. If I can’t turn them off I’ll use a different plugin.

Thanks

↧

Warning: Creating default object from empty value in class-vc-updating-manager.p

August 23, 2017, 6:26 am

≫ Next: Wordfence Live Activity: Idle

≪ Previous: Stop email alerts for updates

Replies: 0

I just installed wordfence. It was working fine and suddenly it started throwing the following error at the top:

Warning: Creating default object from empty value in /home/$$$$$$/public_html/wp-content/plugins/js_composer/include/classes/updaters/class-vc-updating-manager.php on line 119 Notice: Undefined property: stdClass::$sections in /home/$$$$$$/public_html/wp-content/plugins/js_composer/include/classes/updaters/class-vc-updating-manager.php on line 120 0

I don’t know whether this is something to be concerned about or what? Is wordfence still working or what? Why is this error there??

Please can someone assist me? Thanks in advance.

This topic was modified 8 minutes ago by BlueSteam.

↧

Wordfence Live Activity: Idle

August 23, 2017, 6:59 am

≫ Next: 499 error GET wp-login.php errors in logs

≪ Previous: Warning: Creating default object from empty value in class-vc-updating-manager.p

Replies: 7

Hello,

On my wordfence installation I see the following message in the ticker:

Wordfence Live Activity: Idle

Extended protection is enabled but I am confused by this message. Does this mean that wordfence is not doing anything??

Please could someone assist me asap?

↧

499 error GET wp-login.php errors in logs

August 23, 2017, 9:20 am

≫ Next: Scan does not start, nothing logged

≪ Previous: Wordfence Live Activity: Idle

Replies: 0

I’m seeing repeating log attacks with a 499 timeout error. Different IP’s …

It gets worse and I have to reboot the website because it stops responding.

How can I stop this?

2017-08-23 12:00:07 Error 170.150.185.150 499 GET /xmlrpc.php HTTP/1.1
2017-08-23 12:00:39 Error 170.150.185.150 499 GET /wp-login.php HTTP/1.1
2017-08-23 12:01:11 Error 170.150.185.150 499 GET /wp-login.php HTTP/1.1
2017-08-23 12:01:43 Error 170.150.185.150 499 GET /wp-login.php HTTP/1.1
2017-08-23 12:02:15 Error 170.150.185.150 499 GET /wp-login.php HTTP/1.1

2017-08-23 11:13:20 Error 189.76.233.145 499 GET /wp-login.php HTTP/1.1
2017-08-23 11:13:51 Error 189.76.233.145 499 GET /wp-login.php HTTP/1.1
2017-08-23 11:15:14 Error 65.94.86.78 405 GET /xmlrpc.php HTTP/1.1
2017-08-23 11:15:14 Error 65.94.86.78 499 GET /wp-login.php HTTP/1.1
2017-08-23 11:15:14 Error 65.94.86.78 499 GET /wp-login.php HTTP/1.1
2017-08-23 11:15:14 Error 65.94.86.78 499 GET /wp-login.php HTTP/1.1
2017-08-23 11:15:15 Error 65.94.86.78 499 GET /wp-login.php HTTP/1.1

↧

Scan does not start, nothing logged

August 23, 2017, 4:11 pm

≫ Next: Why reject with code 503, rather than a real error code, such as 403 Permission

≪ Previous: 499 error GET wp-login.php errors in logs

Replies: 1

I installed WordFence – I go to “Start a Wordfence Scan” and it spins for 5 seconds and then goes back to “Start a Wordfence Scan”. Nothing logged. Tried enabling “Start all scans remotely”, no difference.

Tools diagnostics shows: wp_remote_post() test back to this server failed! Response was: 200 OK

↧