Mark Maunder
Forum Replies Created
-
Hi,
I just want to confirm: Are you web server error logs empty? That shouldn’t be the case unless they’ve disabled logging. So if you could find the error log and please make sure there’s nothing Wordfence related in there, but that it is active.
Regards,
Mark.
Hi,
The version we’re about to release lets you add exclusions for cookies and user-agents. Would that help?
Regards,
Mark.
Hi Adrian,
Thanks for the feedback. Can you tell me a bit more about your site? Do you have a lot of pages? Are some of them very large? I’d like to understand how the cache could grow that large.
If you can share the URL of the site I’d like to take a look at the public website.
Regards,
Mark.
Oh sorry Per. I understand now. So you’re asking us to make sure that Wordfence pages specifically will work better on mobile devices.
OK I’ve noted your request and added it to our system.
Thanks for your feedback.
Regards,
Mark.
It’s used to track a user for the duration of their visit so that we can group their page views together. There’s an option to disable it at the bottom of the Wordfence options page which will make all hits look like a new visit in the Live Traffic if you have that enabled. If you don’t have live traffic enabled then there’s no impact.
Regards,
Mark.
This feature has been implemented and will be released in the Beta release going out tomorrow and into production later this weekend or Monday.
Regards,
Mark.
Looks like some of the Wordfence database tables were deleted. Check the box to remove Wordfence data on deactivation at the bottom of the WF options page. Then deactivate and reactivate the plugin. Then try. Should recreate the tables for you.
Regards,
Mark.
Hi,
There are many ‘tweaks’ floating around that really don’t improve security at all and create a lot of incompatibility and problems. This is known as security through obscurity – trying to hide things – and it isn’t that effective. Particularly in this case because if you view the source of your home page you’ll probably see all kinds of URL’s that clearly display where your wp-content folder really is.
Also there isn’t anything in wp-content that should be vulnerable if you’re running a site with everything upgraded.
However I’ve noted your comments and that some people choose to do this so I’ll see if we can detect where your wp-content is and add that to the falcon rules we add to .htaccess.
Regards,
Mark.
The other plugin is probably not reading the IP addresses of visitors correctly.
Wordfence has several ways of doing this – please see the option for “How does wordfence get IP’s” and work with your host to make sure this is set correctly.
It’s not possible for hackers to use proxies and appear to visit from non-routable private IP address ranges because public internet routers will just drop the packets.
Regards,
Mark.
Wow that sounds like a lot of work.
As long as you have strong passwords and have renamed your user accounts (and you’re using the author=1 scan protection we’ve just added to protect your login names) you should be quite secure. Hacking attempts are a fact of life and you don’t need to block every one of them – it’s just important that they not gain access.
Regards,
Mark.
Hi Per,
That’s not really something that we do. We provide security, we don’t provide admin themes for WordPress if I’ve understood you correctly.
Regards,
Mark.
Hi,
Wordfence does not lock you out of CPanel or FTP, so you should still have access.
Regards,
Mark.
Can you tell me why you renamed your wp-content folder? I’d like to get more insight into this.
You are correct that the rule above won’t work for you.
Regards,
Mark.
Hi Phil,
I’m not familiar with that product so I really can’t comment.
Regards,
Mark.
Wordfence is fully supported on LiteSpeed and we test it regularly.
Are you seeing anything in the error logs when the scan stops?
Regards,
Mark.