Hello
I can see you're using admin_url() in a bad way :
admin_url('admin-ajax.php') . '?action=wordfence_testAjax';
instead of
admin_url('admin-ajax.php?action=wordfence_testAjax' );
You have to include the full url, not only the file.
Can you do this everywhere ?
Why am i asking this ? Not only to be "WordPress Protocoly Correct", but there is a filter hook in admin_url() and i need (and others plugin authors) to hook the content, and i need to read the params :/
Thanks !
ps : network_admin_url() too ;)