wfmark

Hi @sgumby,

I apologize for the confusion earlier.

I confirmed that we don’t have an alert for users who only get a notice that they’re using a leaked password, while logging in from an IP they’ve logged in from before — we only have Alert when someone is blocked from logging in for using a password found in a breach at the moment.

We have added this as a feature request for consideration. While we can’t provide ongoing updates here on the forums or comment on possible delivery dates, any features we add will appear in our changelog when new versions of the plugin are released.

Regards,

Mark.

Hi @sgumby, thank you for reaching out.

All email alerts are sent to the email that you have under Wordfence > Wordfence Global Options > General Wordfence Options > Where to email alerts.

It can be challenging to directly determine which specific site your password has been leaked on.

The option “Prevent the use of passwords leaked in data breaches” under Wordfence > Firewall > Brute Force Protection > Manage Brute Force Protection alerts and prevents users from logging in with a password that exists on a list of passwords leaked in data breaches.

Thanks,

Mark.

Hi @seppi ,

Thank you for reaching out.

To request a free key from the license page, you must first have a registered wordfence.com user account. From the license page, select the “Get a Free License” button at the top of the page. This will launch a pop-up that requires a site URL before you can select “Get a Free License” to receive your new Free license key. Your new key can then be copied and pasted into the Wordfence Security plugin by selecting the option to “Install an existing license” from the WordPress Plugins page.

https://www.wordfence.com/help/api-key/ is an amazing resource for learning more about installing license keys.

Let me know how it goes.

Thanks,
Mark.

Hi @dzaleu, thank you for reaching out.

I’ll be happy to provide you with instructions on how to get back into your site. There are two ways to get back into the site.

The first way is if you have added the site in Wordfence Central (a free site management tool in your account on wordfence.com):

• Login to Wordfence.com and look for the Configuration tab.
• Click the gear icon at the end of the row that the site you need to access is on.
• Scroll down to the Login Security Options section and expand it by clicking the small black arrow to the right.
• In the section that says “Whitelisted IP addresses that bypass 2FA” add your public facing IP address.
  NOTE : You can get your public facing IP by clicking this link.
• Scroll back to the top of the screen and save the changes.
• You should now be able to login to your site with just a username and password.

If you haven’t added your site to Wordfence Central follow these steps:

• Please use FTP/SFTP — or any file manager your web host provides via their administration panel.
• Look inside the /wp-content/plugins/ directory and rename the wordfence directory to wordfence.bak. This will deactivate Wordfence and allow you to login without the 2FA code.
• Once you have logged in to your WordPress admin you can name the folder back to wordfence again.
• Go to your user profile and add 2FA back to your account, making sure to download the backup codes in case of problems in the future.

If you have any other trouble logging in feel free to reach out here.

Thanks,
Mark.

Hi @lloy0076, thank you for reaching out.

Your email should be allowed after a short period of time.

Let me know if the error persists.

Thanks,

Mark.

Hi @jeriss,

Apologies for the delayed response. I mistakenly forgot to enable notifications for new responses on this topic.

As all the permissions are okay, the size of the tables (wffilemods and wfknownfilelist) may be explained by the number of files being scanned on the site. If there are other sites in subdirectories outside WordPress core files that are included in the scan, you can exclude them from this site’s scan to reduce the number of files.

Thanks,

Mark.

Hi @daro2013, Thanks for reaching out to us.
​
You can manually run the following database query to clear out your firewall rules and force an update of new fresh rules that do not contain the problematic rule. Please use phpMyAdmin to run the query. If you haven’t used this tool before, we strongly recommend contacting your hosting provider for assistance.

The database query is:

DELETE FROM wp_wfconfig WHERE name=’wafRules’

Please note: The table prefix may be different from wp_ if you or your hosting provider changed it.

If you have had Wordfence installed for many years, you may have some database tables that include upper and lowercase letters (also referred to as ‘camelcase’). In that case, the query you would run would be:

DELETE FROM wp_wfConfig WHERE name=’wafRules’

Please note: We recommend making a backup of your database before running this query.

As a last resort, you can temporarily disable the Wordfence plugin by renaming the directory <span style=”box-sizing: border-box; margin: 0px; padding: 0px;”>where it is installed to a temporary name like wordfence.</span>disabled. That will disable Wordfence, but your site will be unprotected. You will then need to run the query above before renaming the directory back to Wordfence and re-enabling the plugin.

If you have any questions or concerns, please let us know.

Thnaks,

Mark