Hi @jduffell, thanks for detailing your issue thoroughly.
There can sometimes be issues with permanently allowlisting specific false-positive blocks if there are totally unique IDs sent every time, but I’d certainly try to enable Learning Mode first to see if you can permanently suppress the message. You can read more about this (and also a method of allowlisting from the feedback you see about the block on the Live Traffic page) here: https://www.wordfence.com/help/firewall/learning-mode/
Simply attempt to use the WP All Import functions that were causing problems while that mode is enabled, then see if it persists after returning the firewall to “Enabled and Protecting”. If it does persist, there can be blocks specifically related to the uploading of files from time-to-time.
If Wordfence is blocking the CSV specifically, attempts will be logged in Live Traffic from the timestamp when the upload was attempted. If there is a block, check the red block reason after expanding the entry with the eye icon in the corner. You can filter Live Traffic by “Blocked” so it’s easier to find. You may find a specific firewall rule named after expanding the entry as the reason is shown in red text.
If the block was caused by a firewall rule and they were trying to upload a filetype your WordPress installation is set to allow, there have been cases when customers needed to disable one related to uploads. There are usually 3 possible firewall rules involved when somebody uploads a file to your site. “Malicious File Upload“, “Malicious File Upload (PHP)“, and “Malicious File Upload (Patterns)”.
There are layers to how uploaded files are checked, so you may find that files are disallowed by one of the above rules. Some customers see false-positives from time-to-time as PDF or image files can easily match malicious PHP code patterns such as <? when viewed as text. If you have to turn one of the rules off for this reason, a different stage of the checking process will still scan the file(s) and still provide security.
Many thanks,
Peter.
