Mark Maunder
Forum Replies Created
-
Hi all,
This was fixed in 5.3.3.
Regards,
Mark.
Done. It will be released in Wordfence 5.3.2 and the documentation is up:
http://docs.wordfence.com/en/WhitelistIP
Expected ETA for 5.3.2 is later this week or early next. So in your next release you should switch to the public function once we’ve released 5.3.2.
Thanks for being super responsive and fixing this issue in record time!!
Regards,
Mark.
Wordfence does scan all your files, what makes you think we aren’t?
Regards,
Mark.
It looks like your server might not be able to contact the Wordfence scanning servers. Please try the connectivity tester which is a link at the bottom of the Wordfence options page.
Regards,
Mark.
That’s very strange. Is it possible it’s an old email that was just delayed? It may have been stuck in your hosting provider’s email queue and it may have been you that logged it. Does it show an IP address or location? Compare that against your own IP address which you can find out by visiting whatsmyip.org.
Regards,
Mark.
The infinite loop message was triggered because the number of times Wordfence “forked” which means the number of times it launched a new scan stage exceeded 1000.
That’s too high and your scans shouldn’t take that long so we put that in as a safety measure to stop a scan that appears to just be going round and round.
Please try setting the maximum time for each scan stage to 60, save and try another scan. See if it completes or at least gets past the first 2 minutes.
If not, then lower it by 5 seconds, save and try again and keep doing that until it makes progress. This will make each scan stage as long as possible (and you can try larger than 60 if 60 works for you) which will increase performance and reduce the number of forks.
Regarding excluding files. You can enable Wordfence debug mode to see which files are actually being scanned. however note that it will slow your scans drastically so just use it to check which files WF is actually looking at. Then kill the scan, disable debug mode and start a new scan.
Regards,
Mark.
Yes please try turning off live traffic. It looks like your theme developer may not have used the correct methods to add data to your site header which is conflicting with our code. We do inject our live traffic JS in the correct place during execution, so please ask your theme developer to investigate this.
Regards,
Mark.
How do you know Wordfence is causing this problem?
Do you have Falcon Cache enabled?
Regards,
Mark.
Hi,
Please put Wordfence into debug mode. Instructions here:
http://docs.wordfence.com/en/Wordfence_options#Enable_debugging_mode_.28increases_database_load.29
Then do a scan and check where the scan stops. It looks like WF is trying to open a file that is actually not a file but a device driver or something else. Debug mode will let you see which file it gets stuck on.
Regards,
Mark.
By the way, a quick fix for this appears to be the following:
Disable iControlWP. Go into Wordfence options. Delete all the array,array,array entries in the whitelisted field. Save. You should be good to go. If you enable iControlWP again they will immediately re-appear.
Regards,
Mark.
OK I found the problem. You’re all using the iControlWP plugin which is directly modifying Wordfence data and trying to whitelist their server but messing it up and corrupting Wordfence data.
Obviously you need to tell them to fix their bug and help you fix your websites.
But what really concerns me here is they’re modifying our data using undocumented non-public function calls that we will change in future and when they do, here’s what will happen:
See the big white screen that my test site generated? That’s what happens if we change the name of our wfConfig::get() function and you’re using iControlWP. That is why we do not want other plugin or theme developers reaching into Wordfence and calling our functions that are not public API functions, or directly modifying our data.
We’re happy to work with vendors if they want a public API call that makes Wordfence do things. As you can see we already have two calls on our docs home page: http://docs.wordfence.com/en/Wordfence_Official_Documentation#Wordfence_API
So if you are a vendor and want Wordfence to do things, contact us. Don’t use a hack solution that will break your customer sites.
Regards,
Mark.
Hi All,
I’m working on this now. Can one of you do me a favor: If you’re running the newest version of Wordfence, export your database using the export button at the bottom of Wordfence options. Then email me the token. Send it to mark@wordfence.com.
Alternatively, if you could give me admin access to your site that would probably resolve this faster. Contact me at mark at wordfence.com.
Thanks.
Hi James,
We don’t offer that feature. We only offer two-factor login (also called cellphone sign-in) and it’s a premium feature. So I think you used someone else’s plugin.
Regards,
Mark.
Hi,
This is really a WordPress or a hosting problem. Your permissions are set so that WordPress can’t upgrade you automatically. Please log a call with your hosting provider to fix your file permissions.
Regards,
Mark.
Hi Avery,
Wordfence does not currently support IPv6. Sorry.
Regards,
Mark.