Support » Plugin: Wordfence Security - Firewall & Malware Scan » slew of worrisome logins as “”

  • Starhorsepax2


    I can’t tell if its something wrong with wordfence, wordpress or a hacker. I’ve seen it start to come up on other sites and then vanish but this one it just keeps going. I’ve turned off caching in every plugin and its a monster now, every few seconds.

    unknown location at IP arrived from and left and tried to access non-existent page visited was at logged in successfully as “”. logged out successfully. requested a password reset. attempted a failed login as “”. attempted a failed login using an invalid username “”. changed their password.
    Invalid Date Invalid Date (NaN seconds ago) IP: [unblock] [unblock this range] [block]

    How do I make it STOP?

Viewing 11 replies - 1 through 11 (of 11 total)
  • Hi starhorsepax2,
    It will be helpful if you can share with us a screenshot showing this entry in the “Live Traffic” to get a better idea about this issue.


    While being on the “Live Traffic” page, please check the browser console for any JavaScript errors, also try to disable all your other plugins and re-check this issue.

    Let me know how it goes,

    I see this but flipping off the plugins I don’t use on all the sites working doesn’t seem to have any effect. It did have various caching plugins but they’ve all been disabled.
    SyntaxError: unterminated string literal
    Knockout JavaScript library v3.3.0 and its coming from the wordfence plugin

    • This reply was modified 1 year, 11 months ago by  Starhorsepax2.

    Most probably this JavaScript error is caused by another plugin that conflicts with Wordfence, it’s not about disabling plugins that you don’t use, you will need to disable all active plugins -except Wordfence- and re-check this issue then you can try activating the plugins again one by one till you find the culprit.

    Note: make sure to clear cache from the caching plugin and from the browser.


    Oh. what I meant was: I maintain a lot of sites and I use those plugins on all of them with wordfence…and it doesn’t conflict on any of the others so I ruled those out. (Very suspicious of the caching plugins leaving stuff though.)

    Which caching plugin did you use? do you have any plugin with JS minification option?
    Please share a screenshot showing this error in the browser console.


    Error log shows a bunch of these kind of things (blocking private cpanel table name out with the- —) [02-Nov-2016 03:34:05 UTC] WordPress database error Table ‘————_wfNet404s’ doesn’t exist for query select count(*) from wp_wfNet404s made by do_action(‘wp_ajax_nopriv_wordfence_doScan’), call_user_func_array, wordfence::ajax_doScan_callback, wfScan::wfScanMain, wfScanEngine->go, wfScanEngine->doScan, wfIssues->getSummaryItems, wfIssues->updateSummaryItems

    similar ones show for other tables.

    what .. tables gone poof even thought hey show in phpmyadmin?

    in firebug the error I get is here:

    looks like caching/optimizing plugins tried were these (um, maybe ALL of them at one time or another?!) : JS & CSS Script Optimizer, Async JavaScript, Autoptimize, WP Super Minify

    All except Super Minify are off and I have used that with Wordfence before without issue.

    • This reply was modified 1 year, 11 months ago by  Starhorsepax2.
    • This reply was modified 1 year, 11 months ago by  Starhorsepax2.

    quick feedback about autoptimize;
    * it is not active on wp-admin (so it could not cause the problems in “live traffic”, which is backend stuff)
    * you can disable it on a per-request basis by adding ?ao_noptimize=1 to any URL

    hope this clarifies,

    @futtta thanks for your feedback!

    @starhorsepax2 open wp-config.php file and let me know what you have set for $table_prefix there? because I can two different table prefixes are mentioned in the error log above.

    I suggest enabling “Delete Wordfence tables and data on deactivation” option under (Wordfence > Options) then disable Wordfence plugin and delete it, after that you can re-install it again and it will be as if it has been activated on your website for the first time.

    Regarding the JavaScript error, are you using any CDN service? did you try different browsers? I suggest trying Chrome incognito mode, also try re-checking this issue after re-installing the plugin again.


    🙁 belatedly getting back to this. The prefix is wp I think.

    Unfortunately I’m getting back to it because this site among others is one my host is reporting has been hacked thru the wflogs.

    That may be unrelated to this but due to that i did try deleting the entire plugin/all tables and everything related and reinstalling. No change to this issue.

    We aren’t using a CDN.

Viewing 11 replies - 1 through 11 (of 11 total)
  • The topic ‘slew of worrisome logins as “”’ is closed to new replies.