WFBrian
Forum Replies Created
-
Hi Mike,
Will you please send the file to samples@wordfence.com and include that it was not detected in the scan? That will get in the queue to get evaluated.
-Brian
Hi,
Has anything on your site changed recently? Have you added any new security plugins?
A blank user agent usually indicates non-human/bot traffic.
-Brian
Hi,
If you can provide some more info, I’ll do some digging and see what I can find.
What files were infected? Was it a theme? Are you on a shared host?
Thanks!
BrianHi,
Please enable the debugging mode for cached pages.
This will add code to your cached pages and you will be able to tell whether the pages are caching correctly. Let us know the results.
Thanks!
BrianHi Stan,
Just so I’m clear, everything was working normally until the time change? Will you provide a screenshot of what you are seeing? What kind of host are you on (shared vs dedicated) and what type of server?
Thanks,
Brian@lgraves312 – Due to forum rules we are not allowed to provide support for our paid premium version here. Please go to the following URL, login, and create a Premium Support ticket. They will get you an answer.
Thanks!
BrianHi there,
That is not normal. Maybe something wrong in the database. I’d suggest removing the Wordfence tables in the DB and trying to reinstall Wordfence again. Since you can access your site after deleting the WF folder, try the following…
-Install the Wordfence Assistant plugin. You can find it by going to Plugins and Add New. Then do a search for “wordfence assistant” without quotes. You can also find it on this page in the official Wordfence plugin repository.
-Use Wordfence Assistant to Delete all Wordfence data in your database.
Try to install Wordfence again. Let us know if that helps or the issue continues.
Thanks!
BrianThanks! Will you enable your JavaScript console and try to load that page? Do you see any errors? Here is how to enable the console:
http://docs.wordfence.com/en/You_guys_wanted_me_to_open_the_JavaScript_console_-_How_do_I_do_that%3F
Thanks!
BrianHi,
Will you please post a screenshot of what you are seeing? That will help us troubleshoot.
Thanks!
BrianHi,
I’ve alerted the Premium Support team. Stay tuned for follow-up.
Thanks!
BrianHi,
Glad you like it! Do you have an email address populated here under Options?
I have it blank on one of my sites and I do not receive the email alerts. That’s the first place to check.
-Brian
Hi,
You can adjust the amount of email you receive per hour under Options->Alerts. You could try setting this to 1 and you’d only get 1 email per hour.
We do offer a Summary email feature but it is configured separately from the Alerts. Something to consider is creating a rule in your email that routes the alerts to a folder and skips the inbox. You’d then be able to check the new alerts folder as you see fit.
Thanks!
-BrianHi,
Sorry for not being clearer. My point was that there are plugins out there that only restrict access to the password reset form. Since we do not offer that currently, using one in addition to WordFence might get you the functionality you are after now. I can definitely add your suggestion to our list. We evaluate all user suggestions but cannot guarantee a feature will be added.
It is very concerning that there are constant attacks on websites. Before I used WordFence, I had no idea how much my sites were being attacked. We’ll never be able to stop the attacks, but we can take precautions to limit the risks. Not having a user named “admin”, using strong passwords, keeping themes and plugins up-to-date, using protection like WordFence are all examples of tactics to limit the risk. I’d be much more concerned if attackers were trying to access your site with actual user names in your database. The tactic you are seeing is basically guess a username and if it exists, attempt to break the password. To my point, since the user they are attempting to use does not exist in your database, they cannot use it to access your site.
-Brian
Hi,
I know there are plugins out there that can disable the password reset form. You might want to do a search and see if one fits your needs.
I think you are well protected. First, the attackers are tying to access the reset password page for users that do not exist so there is no password for them to change. Second, WordFence is restricting the attackers by locking them out when they use an invalid name to try and login to the password reset page.
Hope that helps,
-BrianHi,
We have a support document on cleaning a hacked site. It’s a great resource to get you started.
https://www.wordfence.com/docs/how-to-clean-a-hacked-wordpress-site-using-wordfence/
As to how it could happen, it could be several things. Usually, it stems from running an older version of WordPress, a 3rd party theme, or plugin that has a vulnerability. A user account can be compromised too. At this point, change all users passwords and make sure WordPress, themes, and plugins are all up to date.
-Brian