wfmark
Forum Replies Created
-
Hi @kristinubute, Thank you for reaching out.
There should be no issue with restoring a backup when Wordfence is active.
We only recommend that you first remove Extended Protection mode if you are migrating your site to a new server from the Wordfence> Firewall> Manage WAF page. When your site has been migrated, you can then optimize the firewall again.
In the rare case that issues come up, you can always create a topic here and we will be happy to assist.
Let me know if you have any further questions.
Thanks,
Mark.
Hi @romanofw, Thank you for reaching out.
Could you please provide more details on the second problem “why I can’t enter any admin-functions? “?
Additionally, please send a diagnostic report to wftest @ wordfence.com. You can find the link to do so at the top of the Wordfence > Tools > Diagnostics page. Then click on “Send Report by Email”. Please add your forum username where indicated and respond here after you have sent it.
NOTE: It should look as follows – Screenshot of Tools > Diagnostic > Send by Email
Thanks,
Mark.
Hi @voiceguy, Thank you for reaching out.
Can you try deleting the Wordfence plugin and reinstalling it? You may have to remove all the tables and data when it asks you as well.
You can also troubleshoot this by disabling all plugins except for Wordfence and reverting temporarily to a default theme. If you can now confirm the installation, re-enable your plugins and theme one-by-one to see whether problems with Wordfence return, and which plugin might be the cause.
Thanks,
Mark.
Hi @user, Thank you for reaching out.
Yes, you can. As soon as you enable 2FA you will be asked to scan the QR code. Scan it with Google Authenticator on both your phones. As a result, your phones will generate the same one-time passwords.
Thanks,
Mark.
Hi @intruthshedelights, Thank you for reaching out.
We have had similar reports from other customers that were resolved by disabling the Coming Soon Page, Maintenance Mode, Landing Pages & WordPress Website Builder plugin by SeedProd: 6.15.22.
Are you running that plugin and, if so, does deactivating that plugin or updating it to version 6.15.23 resolve the issue in your case ? You might have to clear your browser cache as well.
Let me know how it goes.
Thanks,
Mark.
@toondg, Thank you for reaching out to us.
By default, only admins are allowed to use 2FA, or super-admins on multisite installations. You can enable 2FA for other roles on the site, and each user can manage their own 2FA devices. Non-admin users will see a separate Login Security menu on the WordPress menu when you enable 2FA for their roles.
https://www.wordfence.com/help/login-security/ is an amazing resource for learning more about 2FA.
Thanks,
Mark
Hi @kristinubute, Thank you for reaching out.
We have not had a case before where Wordfence caused any issues while trying to update other plugins or WordPress before. I would recommend setting up a Staging or Development site where you can test plugin, theme, or WordPress Core updates to make sure everything is working as expected before making changes on your live site.
We have a guide on how to upgrade WordPress core, themes or plugins manually if you have set restrictive file permissions on your site , please see: https://www.wordfence.com/learn/how-to-manually-upgrade-wordpress-themes-and-plugins/.
As for Backupbuddy, this could also be an issue with plugin/theme conflict. The best way to test is to run Wordfence and Backupbuddy as your only enabled plugins and also revert to a default theme such as Twenty Twenty-Three. If you no longer have issues, then re-enable your plugins and theme one by one until it breaks again to help find the cause.
If you have issues with Wordfence and Backupbuddy as your only enabled plugins, I would suggest you try switching the Firewall to Learning mode as it might help Wordfence allow the full functionality of Backupbuddy. From the Wordfence Dashboard, click on Manage WAF. Then you will see Basic Firewall Options > Web Application Firewall Status. Change the option to Learning Mode. Now proceed to take back up of the site. This will help Wordfence learn that these actions are normal, and it will allow them in the future. After you have finished the back up, switch the WAF from Learning Mode back to Enabled and Protecting, then test to see that it still works.
https://www.wordfence.com/help/firewall/learning-mode/ is an amazing resource for learning more about the WAF and learning mode.
Thanks,
Mark.
@kristinubute, Thank you for reaching out.
This could also be an issue with plugin/theme conflict. The best way to test is to run Wordfence as your only enabled plugin and also revert to a default theme such as Twenty Twenty-Three. If you no longer see the errors, then re-enable your plugins and theme one by one until it breaks again to help find the cause. You could also try clearing cache (site plugins and local browser).
Let me know how it goes.
Thanks,
Mark.
Hi @rjyoder07, Thank you for reaching out to us.
I am glad that you were able to figure it out.
This was most likely a plugin/theme conflict. When that happens, we always suggest clearing cache (site plugins and local browser) and disabling all other plugins except for Wordfence, then trying again to see if there’s a plugin or theme conflict causing the issue. You could also revert to a default theme, such as Twenty Twenty-Three.
If it works as expected, then re-enable your plugins and theme one by one until the issue recurs to help find the cause.
If there’s a plugin or theme conflict, I would suggest changing the Wordfence Web Application Firewall into Learning Mode. From the Wordfence Dashboard, click on Manage WAF. Then you will see Basic Firewall Options > Web Application Firewall Status. Change the option to Learning Mode. Now confirm whether everything works well. Once done, switch the WAF from Learning Mode back to Enabled and Protecting and test to see whether all is good.
https://www.wordfence.com/help/firewall/learning-mode/ is an amazing resource for learning more about the WAF and learning mode.
If it happens again you could also share a screenshot and so we can take a look.
Thanks,
Mark.
Hi @psypat, thank you for reaching out.
Have you added the URLs to the “Immediately block IPs that access these URLs“ section under Wordfence > All Options > Advanced Firewall Options ?
If so, can you please share a screenshot of the URLs and send me a diagnostic report so that I can test that by accessing the URLs.
You can send the diagnostic report to wftest@wordfence.com directly using the link at the top of the Wordfence > Tools > Diagnostics page. Then click on “Send Report by Email”. Please add your forum username where indicated and respond here after you have sent it.
NOTE: It should look as follows – Screenshot of Tools > Diagnostic > Send by Email
Thanks,
Mark.
@jp5633,
One possible cause is that you have an antivirus/antimalware program on your computer which is trying to check URLs on your site, or that the email host you use is checking URLs that appear in notifications you receive by email, like the alerts that Wordfence sends when an admin logs in.Could you please share a screenshot of the blocks you’re seeing on the Blocking page and on Live Traffic when this happens, so I can take a look and see if anything else stands out?
Be sure to enable the “Expand All Results” option at the top right of the Live Traffic page, so we can see all the details. Obscure any sensitive information from the screenshots or , send them to wftest@wordfence.com and add your Forum username to the subject.
For password recovery, even if the attackers guess the correct username, the site should only send a password reset link to the admin’s own email address, so attackers shouldn’t be able to use it.
Thanks,
Mark.
Hi @mar1as,
Just checking in.Could you please confirm whether creating a new standard user on WordPress and adding them into the booking system worked. I suspect it could be an issue with the way the Custom Salon Booking System creates its roles.
Thanks,
Mark.
Hi @kalmarnet, thanks for getting in touch!
Have you hidden your WordPress login pages with a plugin? Some plugins and operations require the default WordPress paths so it could be worth disabling any plugins that modify this location and see if the authentication issue gets solved.
Currently, Wordfence’s 2FA and reCAPTCHA only work with default login/registration pages for WordPress and WooCommerce so custom paths and pages will likely encounter problems such as this.
Thanks,
Mark.
Hi @missyklotz, thanks for getting in touch.
If you feel that these are notifications of a severity you’d rather not receive generally because the events occur fairly often, you will need to change the Email Alert settings located in Wordfence > All Options > Email Alert Preferences.
I would suggest if you wanted to receive an absolute bare minimum, I would keep the following active for security reasons:
Email Alert Preferences Screenshot- Email me if Wordfence is deactivated
- Alert me with scan results of this severity level or greater: Critical or High
- Alert me when someone with administrator access signs in & Only alerts me when that administrator signs in from a new device or location
Once again these are just a suggestion, you can choose what settings fit best for you. Keep in mind by deactivating these notifications, you may be lowering your ability to quickly react to an attack or vulnerability.
However, if this is a message that looks to be sent repeatedly, your web server may be having an issue with the email software on it. Usually, a restart of postfix or sendmail (whichever is installed) can fix it. Your hosting provider may need to help with this.
Let me know how you get on, and feel free to copy the email text you receive (with sensitive information obscured) here if neither of the methods above are appropriate.
Thanks,
Mark.
Hi @southy65, thank you for reaching out.
This looks like a potential plugin conflict, which we have seen with Wordfence plugin activation in the past. I would recommend trying to run Wordfence with no other plugins enabled and a default theme such as Twenty Twenty-Three and seeing if the problem persists. If it works, complete the Wordfence installation and enable your other plugins one-by-one followed by your theme to see when the problem is reintroduced.
If the above step fails, you could also do a complete reinstall of the Wordfence plugin by enabling the option “Delete Wordfence tables and data on deactivation” under “Dashboard” > “Global Options” page. Expand the “General Wordfence Options” section.Remember to save the changes. If you then deactivate the plugin, all Wordfence files and database tables will be deleted. You can then choose to activate Wordfence to start with the default configuration.
Thanks,
Mark.
