wfdave
Forum Replies Created
-
Hi @deffectrix,
This is indeed a false positive, and you were right to whitelist this action. Wordfence blocks any attempt to inject any type of script, but in your case you were just trying to inject a Google Analytics script into your site.
You don’t need to do anything else, as you have already whitelisted that plugin.
Dave
Hi @whateverfree2,
I like these features, but they are not possible, and I can explain in further details.
1. Blocking creating Admin accounts:
A lot of malicious plugins directly access the database to create new admin users. This cannot be prevented without blocking the database access to all your other plugins.
2. Password for Wordfence
Possible, but it’s possible to disable Wordfence within FTP as well (which can’t be prevented).
3. Block upload PHP code
This already exists, called
Disable Code Execution for Uploads directorywithin Wordfence -> All Options.Dave
This is related to a plugin exploit for Profile Builder. If you do not have this plugin installed, you can safely disable this rule under Wordfence -> All Options.
For example: https://i.imgur.com/hbzPO0g.png
Uncheck the WAF-RULE-204, and then Save Changes in the top right corner.
Also if you have Profile Builder updated to the latest version, you can also safely disable that rule.
Dave
Hi again,
The screenshot that you posted is from last year’s version of Wordfence. Wordfence (or any security-based plugin) works best when it’s fully updated.
If you do choose to continue using a very outdated version of Wordfence, can you send me the diagnostics for your website?
It should be under Wordfence -> Tools -> Diagnostics -> Send Report by Email. Type
wftest@wordfence.comfor the email, andmdonleyfinncorpfor your ticket name.Once you’ve sent the report, please let me know and I’ll take a look at it.
Dave
Hi @taylakay,
This seems to be caused by the plugin running during a Wordfence scan, and not caused by Wordfence itself. Can you run the scan again to see if this is a reoccurring issue or not?
If it is constantly happening, you may want to disable the EDD plugin associated with Ninja forms.
Dave
Hi @upi,
Unfortunately there isn’t anything like that. However you can choose to manually insert data within
wp_wfblocks7so that would block a specific IP address from connecting.Maybe there might be expansions to the Wordfence API. https://www.wordfence.com/help/advanced/wordfence-api/
Let me ask and see if I can get back to you with more information.
Dave
Hi @taadm1n,
Can you open a ticket over on the premium support site?
https://support.wordfence.com/support/home
We won’t be able to provide premium support here in the public foruums.
Dave
Hi @ingjk,
You’re saying that you cannot login because your site is asking you to verify with an email, and you’re not seeing an email in your inbox?
If you have access to FTP, you can go in and rename the
wp-content/plugins/wordfencefolder towp-content/plugins/wordfence-oldand you should be able to access your site.I’d recommend changing the setting that controls login verification. There’s an option within Wordfence -> Login Security, that allows you to choose
0.0 Definitely a Humanor10.0 Definitely a Bot. You may want to experiment with values closer to a Human, so that you’re not being mis-categorized as a robot.Dave
Hi @bzwoman,
That line you mentioned is directly involved with serializing data.
I believe what is happening is that data from the Wordfence tables in your database are large – and when they’re being serialized, your host runs out of memory.
Can you remove all Wordfence-related tables from your database, and see if you can reinstall / enable Wordfence?
Here’s a quick query to remove all the related tables:
DROP TABLE wp_wfblockediplog; DROP TABLE wp_wfblocks7; DROP TABLE wp_wfconfig; DROP TABLE wp_wfcrawlers; DROP TABLE wp_wffilechanges; DROP TABLE wp_wffilemods; DROP TABLE wp_wfhits; DROP TABLE wp_wfhoover; DROP TABLE wp_wfissues; DROP TABLE wp_wfknownfilelist; DROP TABLE wp_wflivetraffichuman; DROP TABLE wp_wflocs; DROP TABLE wp_wflogins; DROP TABLE wp_wfls_2fa_secrets; DROP TABLE wp_wfls_settings; DROP TABLE wp_wfnotifications; DROP TABLE wp_wfpendingissues; DROP TABLE wp_wfreversecache; DROP TABLE wp_wfsnipcache; DROP TABLE wp_wfstatus; DROP TABLE wp_wftrafficrates;Dave
Hi @mdonleyfinncorp,
That’s a good looking theme, but I suspect that is what’s causing the banner to not dismiss. Can you open the developer console (F12) and tell me what you see in Console / Network, when you try dismissing the banner?
Also try disabling the theme, and seeing if the banner dismisses permanently or not.
Dave
Hi @wclune,
Wordfence uses WordPress’ native mailer to send out alerts.
The settings might be under WP Mail SMTP (if you have that plugin installed) or try checking the email address from WordPress -> Settings -> General -> Administration Email Address.
Dave
That field should not become that large. Can you run the following query on your database to clear it?
update wp_wfconfig set val = '' where name = 'emailedIssuesList';This field stores the ignored scan results that shouldn’t be emailed, but I’m not sure why in your site this has gotten to be this large.
Dave
Hi @lunchglaz,
Can you make sure that the field
Where to email alertswithin Wordfence -> All Options is set to a valid email address?In this field: https://i.imgur.com/smA4MFm.png
Dave
Hi @m4gnetik,
I think you can get away with using
X-Forwarded-Forwithin the Wordfence settings. It will return the correct IP address and you’ll be able to use CloudFront and Wordfence together.As per the AWS docs:
CloudFront gets the IP address of the viewer from the TCP connection, adds an X-Forwarded-For header that includes the IP address, and forwards the request to the origin.Dave
Hi @macpheek,
You should be able to find this option under Wordfence -> All Options -> Additional Options -> Enforce strong passwords.
I’ve attached a screenshot for reference: https://i.imgur.com/05TqGWp.png
Dave
