WFBrian
Forum Replies Created
-
Hi,
It should be cleared at the start of each scan automatically. I’m going to link you to another thread where Tim explains how to empty. See if that gets the behavior back to normal.
https://wordpress.org/support/topic/emptying-wfhoover-database-table?replies=3
-Brian
Hi Frederik,
Any IP that breaks a rule should be locked out for however long you have “How long is an IP address blocked when it breaks a rule” set. The default is 5 minutes.
Are you saying this is not functioning on your site? How long is your block time?
Thanks!
BrianHi,
Do you have Falcon or basic cacheing enabled? wfcache is the folder we use to store the cache files (short for wordfence cache). So that folder should be there if you’ve enabled cacheing or have enabled cacheing in the past and is not malware.
The cacheing features we offer would be unrelated to any spam you are receiving. You’d want to check with the captcha plugin and/or contact form developers on that issue.
Thanks!
BrianHi,
First, make sure you meet the system requirements. Especially RAM.
http://docs.wordfence.com/en/Wordfence_system_requirements
If you have a shared hosting site or barely meet the system reqs, you may want to disable live traffic. You’ll still see all the information, just behind real time. It uses a lot less resources.
You can also adjust the update frequency time of Live Traffic.
http://docs.wordfence.com/en/Wordfence_options#Update_interval_in_seconds
Let us know if you have any more questions,
BrianExcellent. Marking as resolved.
-Brian
Hi AG,
What you are seeing is a normal mode of probing for access. Bots are using these strings hoping to find a vulnerability in the username and then will attempt to crack the password when they find a username match. Wordfence is doing it’s job and letting you know the names of attackers are trying on your site. As long as you don’t have any users with those names, you’ll be fine.
-Brian
Hi,
Did you select the option to Remove all Table data? That option completely removes everything once you remove the plugin.
Thanks!
BrianHi,
How long do you have your lockout time set? Locks default to expire after 5 minutes.
If the attack is coming from the same IP address over and over, you can block the IP permanently. Select the IP in Live Traffic and click Block. Then go to Blocked IP’s and then click Make Permanent on the offending IP.
Thanks,
BrianHello,
I just checked on a site running 4.2.2 and 6.0.3 and it’s still available. It’s under Options>How Does Wordfence Get IP’s.
Are you not seeing the option?
-Brian
Hi,
Are there any file names where the scan is getting stuck? If so, you should try excluding that file from the scan.
You also may want to try removing the plugin and all table data (under Options), reinstalling, and then try scanning again.
-Brian
Hi,
Here are instructions to unlock a site. Let me know know if these pertain to your situation or not.
Thanks,
BrianHi,
Did you also check the box to delete all table data on removal? You’ll want to do that, remove, and then reinstall.
Thanks!
BrianHi Pat,
Thanks! Take a look at this document on Firewall settings:
http://docs.wordfence.com/en/Wordfence_options#Firewall_Rules
You’ll want to adjust your settings from Unlimited, which is essentially having the Firewall off, to the recommendations in the document. The suggested settings are just a starting point so you may have to tweak the settings.
Hope that helps,
BrianHello,
Is there a specific file that it is getting stuck on? Telling Wordfence to ignore the file it is hanging on may allow the scan to complete.
Sounds like you’ve read this document. You may want to keep experimenting with the setting.
-Brian
Hi Sally,
I’d say as long as you do not have an account on your site that uses your real name, then you are fine. I can’t think of anything else you could do to prevent it as long as your name is out there on the internet.
-Brian