The fake Google crawler firewall routine is unforgiving in that it locks the site and leaves a nasty screen. I do not know how practical this method will assist the client's safety while leaving the site inaccessible to the public, client and admin. Ultimately the outcome makes the admin or site developer look bad.
Our staff concerning WordPress matters at Talking Manuals is observing complaints that the fake Google crawler firewall routine within Wordfence does more harm than good, in that it locks the entire site down and bars access to all for no apparent security reason. To unlock the site, you must strong arm and FTP to rename Wordfence. What is theoretically is a good thing, backfires.
When seen through the eyes of the client and the viewing public this kind of security measure is usually too harsh, unacceptable and embarrassing.
Possibly a better way is to block site accessibility for a set time upon detection of a fake Google crawler (and flag a report to the admin), then unblock and allow access. At present state, I would suggest Wordfence users not set this routine as active.
see complete product reviews for Wordfence: http://talkingmanuals.com/wordpress-plugin-reviews/wp-security