• Resolved eqr

    (@eqr2020)


    Hello Wordfence

    Today I purchased a Pro version of a plugin I’ve had on my site for a while. I am now getting an e-mail regarding hundreds of attacks, and I’m quite frankly confused as to what or where I’m supposed to do anything.

    Email gave me “Blocked for Discount Rules for WooCommerce < 2.1.0 – Multiple Vulnerabilities” and live traffic is giving me “Dublin, Ireland left (url) and was blocked by firewall for Discount Rules for WooCommerce < 2.1.0 – Multiple Vulnerabilities”.

    I disabled the plugin, and it seems that the live traffic stopped increasing in blockings.

    But I’m honestly very confused. What does it mean, really? The plugin is otherwise well-received and I’ve had the free version for a long time.

    What do I do regarding this?

Viewing 13 replies - 1 through 13 (of 13 total)
  • Plugin Support WFAdam

    (@wfadam)

    Hello @eqr2020 and thanks for reaching out to us!

    If you’re a Premium Wordfence Customer, I recommend opening a support ticket at https://support.wordfence.com. They will be able to assist you faster and more efficiently.

    Let me know if you have any issues with this!

    Thanks!

    Thread Starter eqr

    (@eqr2020)

    I am not currently Premium and understand that support is faster if I were, though I do still hope you can get back to me regarding the problem.

    I really have no idea what to do about it. I’ve kept the plugin disabled since, but it’s a commonly used plugin that I just upgraded.

    Thread Starter eqr

    (@eqr2020)

    Still waiting to hear what I ought to do about this. 🙂

    Plugin Support WFAdam

    (@wfadam)

    Sorry @eqr2020, I misread your post!

    The error seems to mention using an older version of WooCommerce. Can you send a diagnostic report to wftest @ wordfence . com? You can find the link to do so at the top of the Wordfence Tools > Diagnostics page. Then click on “Send Report by Email”. Please add your forum username where indicated and respond here after you have sent it.

    Thanks!

    Thread Starter eqr

    (@eqr2020)

    Thank you!

    I sent the report – though I haven’t enabled that plugin since, and it’s been a week. Should I have enabled the plugin when I sent the report?

    Plugin Support WFAdam

    (@wfadam)

    Disabled Wordfence or WooCommerce?

    Thread Starter eqr

    (@eqr2020)

    Oh neither, but the plugin that caused the errors. (Woo Discount Rules + Woo Discount Rules Pro).

    Plugin Support WFAdam

    (@wfadam)

    Thanks for sending the diagnostics @eqr2020

    Let’s try to run Learning Mode to resolve this. I have seen this a few times in the past with other WooCommerce plugins. From the Wordfence Dashboard click on Manage WAF. Then you will see Basic Firewall Options > Web Application Firewall Status. Change the option to Learning Mode. Now perform the actions that were causing issues. This will help Wordfence learn that these actions are normal and it will allow them in the future. After you have finished performing the actions, switch the WAF from Learning Mode back to Enabled and Protecting. Now test to see if these actions work correctly.

    https://www.wordfence.com/help/firewall/learning-mode/ is an amazing resource for learning more about the WAF and learning mode.

    Let me know if this helps!

    Thanks!

    Thread Starter eqr

    (@eqr2020)

    Is the plugin safe to use then?

    I don’t understand the errors it was giving me, so I am worried if it is able to access my site in an undesired way.

    Plugin Support WFAdam

    (@wfadam)

    We always recommend keeping all plugins up to date. I believe that 2.1.0 is an older version of WooCommerce. Any reason you haven’t updated it?

    Thanks!

    Thread Starter eqr

    (@eqr2020)

    I am running WooCommerce version 4.7 and have since it was released. My site didn’t exist when WooCommerce ran 2.1 (which was in 2014, by looking at their logs. My site is from this year).

    So I’m a little confused what suggests it’s running such an old version?

    “Woo Discount Rules” is called version 2.3.2, and that’s the plugin throwing me errors.

    • This reply was modified 3 years, 10 months ago by eqr.
    Thread Starter eqr

    (@eqr2020)

    I’m marking this as resolved, as I enabled the plugin causing errors (no updates have happened to it though) and I am not receiving that message anymore.

    Thanks for your support. I have no idea why any of it happened, and am very confused if it seemed to think I was using an older version of WooCommerce.. but since it works right now, I’ll just move on and keep an eye out if anything happens again.

    Plugin Support WFAdam

    (@wfadam)

    Let me know if it shows up again.

    Thanks again!

Viewing 13 replies - 1 through 13 (of 13 total)
  • The topic ‘“was blocked by firewall for Discount Rules–” I am confused. What’s up?’ is closed to new replies.