Quantcast
Channel: WordPress.org Forums » [Wordfence Security - Firewall, Malware Scan, and Login Security] Support
Viewing all 33112 articles
Browse latest View live

Unusual http://0.0.0.0/ destination visit in live traffic log

April 19, 2018, 8:10 pm
$
0
0

Replies: 0

HI. I’m always freaked out when I see this type of thing in my live traffic log.

What does this really mean:

Norcross, United States visited http://0.0.0.0/
4/19/2018 11:00:45 PM (6 minutes ago)
IP: 66.111.41.249 Hostname: 66-111-41-249.static.sagonet.net
Browser: undefined
Mozilla/5.0

Of course I mean specifically: Norcross, United States visited http://0.0.0.0/

How is someone visiting my site yet it shows http://0.0.0.0/

Am I compromised somehow, somewhere? Does this mean I have something set wrong server side or db?

Would sure appreciate some insight on this.

Search

White list IP access to this site has been limited

April 19, 2018, 11:39 pm
$
0
0

Replies: 0

Hello. I setting the wordpress and I put /wp-admin/* as on of parameter to Immediately block IPs that access these URLs.

But I put my office IP as Whitelisted IP addresses that bypass all rules and Ignored IP addresses for Wordfence Web Application Firewall alerting.

My office IP is static.

But now my office IP still got limited access to the site.

How to fix this problem. Thank you before

The error message:
——————-
Your access to this site has been limited

Your access to this service has been temporarily limited. Please try again in a few minutes. (HTTP response code 503)

Reason: Accessed a banned URL

Important note for site admins: If you are the administrator of this website note that your access has been limited because you broke one of the Wordfence advanced blocking rules. The reason your access was limited is: “Accessed a banned URL”.

If this is a false positive, meaning that your access to your own site has been limited incorrectly, then you will need to regain access to your site, go to the Wordfence “options” page, go to the section for Rate Limiting Rules and disable the rule that caused you to be blocked. For example, if you were blocked because it was detected that you are a fake Google crawler, then disable the rule that blocks fake google crawlers. Or if you were blocked because you were accessing your site too quickly, then increase the number of accesses allowed per minute.

If you’re still having trouble, then simply disable the Wordfence advanced blocking and you will still benefit from the other security features that Wordfence provides.

If you are a site administrator and have been accidentally locked out, please enter your email in the box below and click “Send”. If the email address you enter belongs to a known site administrator or someone set to receive Wordfence alerts, we will send you an email to help you regain access.

Scan Always Fails

April 20, 2018, 4:53 am
$
0
0

Replies: 0

No matter what website I use this on the scan always fails.

Wordfence 3rd party php script issue

April 20, 2018, 6:00 am
$
0
0

Replies: 0

Love your plugin. I have the paid version on some of our client sites, and free version on others.

Recently ran into a very strange issue that I need some guidance on. One of our client sites has a separate 3rd party php script installed (not a WP plugin), and apparently wordfence isn’t liking it, so its blocking the site owner from accessing their own admin tools for the script.

To give you a better idea for reference on the URLs:
http://www.somesite.com/ is where WP is installed.
http://www.somesite.com/otherscript/admin/ is where the other script and admin tools for it are installed.

So when accessing the second URL, he is getting a WF 503 “Your access to this site has been limited” for this.

Nice that WF will help security even outside of WP, but not in this case. I know the user.ini file WF creates is related to this, but unclear how to resolve this issue. Please advise.

Wordfence – Unable to save changes

April 20, 2018, 6:04 am
$
0
0

Replies: 0

Hello!
I’m trying to solve an Error 403 when I save pages from Elementos Rev. 2.0.7 page editor. I like to chage to “Learning Mode” from Web Application Firewall, but Wordfence is unable to save changes. The Save button illuminates, but doesn’t Save, not showing the save action . I am usig Wordfence Rev. 7.1.3 and WP Rev. 4.9.5.

I checked the Tools–>Diagnostic, and all items are OK with green color

Any help here, to solve this?
Thanks!

Scans failing after update to 7.1.3

April 20, 2018, 9:52 am
$
0
0

Replies: 0

Just installed the update to 7.1.3 and all scans are failing. Tried all scan settings and recommendations in the documentation. I noticed that in the detailed log I see this:

WordPress database error Table ‘asdkfk.wp_wfBlocks7’ doesn’t exist for query SELECT *, CASE

Scan seems to start ok but just gets hung after a few files are checked and then times out after 5mins. I never had any issues scanning before until I loaded the new update. Please Help!!

Will WordFence block Social Media Scrapers?

April 20, 2018, 12:54 pm
$
0
0

Replies: 0

I had SiteLock, and we had to set up something special to allow social media scrapers to access preview info, like a thumbnail and snippet. I just installed WordFence on one site, and I tried posting to Minds.com and just got the post title, and I tried posting to Facebook, and it immediately blocked it as “spam”. Has anyone had a problem posting to social media? Will this allow scapers to gather some info to make a nice post?

BTW with minds.com and SiteLock, we could not locate specific IPs, and not sure FB, Twitter, etc are open about theirs, to add to a white list.

Weird processes getting through Wordfence

April 20, 2018, 1:53 pm
$
0
0

Replies: 0

Hi, I’m a Wordfence Premium user. My site is songsimian.com. Somtimes, my Bluehost VPS server goes down and when I check my processes in my Access Logs, I see a host of weird ones. They all come at once and seemingly overwhelms my server’s resources. I’ve set Wordfence rate limits to 30 pages per user, but it doesn’t seem to stop these people. The site went down this morning (4/20/18), and I’m attaching a couple of what I think are the bad processes responsible during that time (5:30am PDT or, in the process timeframe 06:30:12 -0600]).

They look totally different from legit processes—when a human accesses my site, the processes would ask for plugins, themes, jpegs, etc., but these processes ask for none of these. Here are a couple of examples of what I mean:

64.112.94.100 – – [20/Apr/2018:06:30:12 -0600] “GET /ht/htw-allentown-morning-call.js HTTP/1.1” 500 200 “http://www.songsimian.com/best-amp-for-alpine-type-r-12-10-inch-subwoofer-e-amplifier-review/” “Mozilla/5.0 (Linux; Android 7.1.2; Pixel Build/NHG47Q) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.109 Mobile Safari/537.36”

64.112.94.100 – – [20/Apr/2018:06:30:12 -0600] “GET /tronc/mcallnguxprod/serverComponent.php?r=6277469.980148558&ClientID=2115&PageID=http%3A%2F%2Fwww.songsimian.com%2Fbest-amp-for-alpine-type-r-12-10-inch-subwoofer-e-amplifier-review%2F HTTP/1.1” 503 200 “http://www.songsimian.com/best-amp-for-alpine-type-r-12-10-inch-subwoofer-e-amplifier-review/” “Mozilla/5.0 (Linux; Android 7.1.2; Pixel Build/NHG47Q) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.109 Mobile Safari/537.36”

Anyways, can Wordfence help me in blocking these–I don’t know about IP addresses since I’ve noticed they come from different ones, though this morning, they all began with a 64.112. On April 13th, my site went down repeatedly, and when I checked the access logs, there were, for example, 2,429 processes that included the word “allentown” in them (I live in California and know nobody from Allentown, Pennsylvania).

Anyone have any ideas how to help? Thanks!

Search

Unnecessary warning for WP Fastest Cache Preload Bot

April 20, 2018, 3:00 pm
$
0
0

Replies: 0

Hi, I’am the developer of WP Fastest Cache. Wordfence warns my users about the user-agent of WP Fastest Cache Preload bot as below.

why is it like that? Can you add a condition for this issue please?

Ban IPs via Cloudflare API

April 20, 2018, 5:22 pm
$
0
0

Replies: 0

Is it possible to have all banned IPs be banned via the Cloudflare API? This stops the IP from even accessing the server and saving valuable bandwidth.

Scan failed

April 21, 2018, 12:02 am
$
0
0

Replies: 0

Hi,

Since migrating to new hosting, we receive:

Scan Failed
The scan has failed to start. This is often because the site either cannot make outbound requests or is blocked from connecting to itself. Click here for steps you can try.

I’ve checked the page https://www.wordfence.com/help/scan/troubleshooting/

  1. We’ve tried starting scans remotely
  2. We have no under construction plugins
  3. /wp-admin is not password protected
  4. The table _wfStatus looks fine in phpMyAdmin
  5. /wp-admin/admin-ajax.php loads a 0

Not sure what else to try. Help appreciated.

Steve

Hosting Says Wordfence is causing site issue

April 21, 2018, 9:44 pm
$
0
0

Replies: 0

One of my client’s websites was having trouble (getting 502 errors etc) and after 45 minutes on the phone with the hosting support, they discovered the problems were caused by wordfence. Once the plugin was disabled, the website started behaving. He said he sees this issue with wordfence at least a couple times a week. He told me wordfence “gets into everything and can cause issues. Once this happens the only resolution is to create a new clean database with out any wordfence stuff in it or to have a dev go in and clean up the database.” Any thoughts from you on this? I’m not sure what to do at this point. The site was unstable with wordfence activated.

Disable your`s email spam !

April 22, 2018, 12:07 am
$
0
0

Replies: 0

Disable your`s email spam ! no options to disable !!!

What this Wordfence script in HTML output mean?

April 22, 2018, 4:59 am
$
0
0

Replies: 0

Hello,

I found out that Wordfence outputs this script in HTML code. It is caused only on home/index page. What does it mean?

<script type="text/javascript">
(function(url){
	if(/(?:Chrome\/26\.0\.1410\.63 Safari\/537\.31|WordfenceTestMonBot)/.test(navigator.userAgent)){ return; }
	var addEvent = function(evt, handler) {
		if (window.addEventListener) {
			document.addEventListener(evt, handler, false);
		} else if (window.attachEvent) {
			document.attachEvent('on' + evt, handler);
		}
	};
	var removeEvent = function(evt, handler) {
		if (window.removeEventListener) {
			document.removeEventListener(evt, handler, false);
		} else if (window.detachEvent) {
			document.detachEvent('on' + evt, handler);
		}
	};
	var evts = 'contextmenu dblclick drag dragend dragenter dragleave dragover dragstart drop keydown keypress keyup mousedown mousemove mouseout mouseover mouseup mousewheel scroll'.split(' ');
	var logHuman = function() {
		var wfscr = document.createElement('script');
		wfscr.type = 'text/javascript';
		wfscr.async = true;
		wfscr.src = url + '&r=' + Math.random();
		(document.getElementsByTagName('head')[0]||document.getElementsByTagName('body')[0]).appendChild(wfscr);
		for (var i = 0; i < evts.length; i++) {
			removeEvent(evts[i], logHuman);
		}
	};
	for (var i = 0; i < evts.length; i++) {
		addEvent(evts[i], logHuman);
	}
})('//www.example.cz/TEMP/cs/?wordfence_lh=1&hid=276039FD0FF4B65C54BA8407BFDCEF80');
</script>

Thanks you

SSL

April 22, 2018, 8:05 am
$
0
0

Replies: 0

wp_remote_post() test back to this server failed! Response was: cURL error 60: SSL certificate problem: unable to get local issuer certificate

I’m using cloudflare.

Search

Cant Translate ERROR: The username or password you entered is incorrect.

April 22, 2018, 9:42 am
$
0
0

Replies: 0

Hello,

Since I enabled the option “Don’t let WordPress reveal valid users in login errors” the phrase in login page when someone enter with a wrong password or user changed to “ERROR: The username or password you entered is incorrect. Lost your password?”

However I cant find where is this phrase is available in wordfence translation files to allow me to translate to my language. I already tried several differents combinations of keywords and still cant find it.

Allow Bingbot to crawl like googlebot

April 22, 2018, 10:38 am
$
0
0

Replies: 0

How can I allow Bingbot to crawl like googlebot ?

I gave the “If a crawler’s page views exceed” a higher number.
But this way I also give other ( let say not so nice ) crawlers
more options to crawl.

Regards,

LV

Blocking Custom Pattern Q

April 22, 2018, 1:11 pm
$
0
0

Replies: 0

I just noticed that when I tried to go and change a custom blocking pattern ,I wanted to edit/remove on particular blocking pattern, there is no list of it anymore, am I missing something? All I see is the long list of IPs that the blocking patter rule applies to but not the actual list of my entered blocking patterns. I hope I’m just missing something because if not and this is a change in the plugin..it wouldn’t make any sense.. how would one edit that list now? I know I used to be able to edit before (at least that’s what I remember)

Basically, how am I supposed to edit my custom pattern blocking list now?

  • This topic was modified 4 hours, 1 minute ago by skygazer.
  • This topic was modified 3 hours, 44 minutes ago by skygazer.
  • This topic was modified 3 hours, 44 minutes ago by skygazer.

“wfReverseCache” crash on live site

April 22, 2018, 1:38 pm
$
0
0

Replies: 0

Good day,

Ive had this same table crash on my site twice for the past two days.

Each time it does so, my site only shows the WordPress install page.

the site is http://www.godsowndeal.com

Do you have any solution to this problem?

Issues with Firewall setup

April 22, 2018, 8:24 pm
Viewing all 33112 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>