wfmark

Hi @darkshadow316, Thanks for reaching out.

Have you made any changes to your Live Traffic settings recently? By default, the traffic mode is set to security only.  We recommend logging only security-related traffic, which includes successful logins, login attempts, and various types of blocked requests. Logging all Traffic may increase the load on your server.

If you would like to log All Traffic, you can enable the ALL TRAFFIC option under Wordfence > All Options > Tool Options > Live Traffic Options. 

You can learn more about Live Traffic feature here: https://www.wordfence.com/help/tools/live-traffic/

Thanks,

Mark.

Hi @tigrokon, thanks for reaching out.

The Wordfence security team constantly updates an extensive database of malware vulnerabilities and uses this database to create malware signatures. With these signatures, Wordfence conducts regular malware scans to identify attacks from human hackers or bots.  The scan looks at all your WordPress files and your website’s posts, comments, and pages to determine if an attack has occurred. If the scan identifies malicious code or a backdoor attack, you’ll get an alert when you log in to your website’s dashboard. If you prefer, Wordfence can send you an email notification about any security issues it identifies during a scan.

Our team writes detection signatures for new malware variants and regularly deploys those signatures to your Wordfence installation, giving you the ability to detect even the newest malware. Our malware signatures are used by your firewall to prevent hackers from uploading malware, and they are used by your Wordfence scanner to detect any malware in your filesystem.

The security scanner included with the free version of Wordfence alerts you when your site is running vulnerable or outdated plugins, themes, or core files. Additionally, our scanner compares your core files, themes, and plugins with known clean versions in the WordPress.org repository. It checks their integrity and allows you to repair changed files by reverting them to a pristine, original version. The Wordfence scanner also scans file contents for malware, bad URLs, backdoors, SEO spam, malicious redirects, and code injections, allowing you to delete malicious files. Wordfence-free users receive signatures to detect new malware 30 days after they are released to our premium customers.

I hope this helps. Let me know if you have any further questions.

Thanks,

Mark

Hi @willrv, Thanks for reaching out, and sorry to hear you’re having trouble with this.

Can you confirm the “reCAPTCHA human/bot threshold score” you have set in Wordfence > Login Security > Settings? The threshold is set to 0.5 by default. A higher threshold setting like 1.0 will cause the verification process to be more frequent as it would need to definitely be seen as a human to log in without verification and may cause valid users to be locked out. 

I recommend setting that to 0.5 and then using the “Run reCAPTCHA in test mode” option below that for a short time to see what sort of scores you see during your logins. You may need to reduce or increase the threshold score slightly after looking at the test mode score.

If you’re still having trouble logging in, please disable Wordfence manually via FTP/cPanel by following the steps below:

• Open the FTP client and connect to your site via FTP/SFTP, depending on your setup.
• Once you successfully connect to your site via FTP/SFTP, navigate to the wp-content folder.
• Browse into the plugins folder.
• Find the wordfence folder 
• Right-click on the folder and rename it to wordfence_bak
• Once you have logged in to your WordPress admin, you can name the folder back to Wordfence again.
• Refresh your dashboard, and you should be able to see Wordfence Active again. If not, go to the Plugins page and Activate it.

Once you log in, you can add your IP addresses under “Allowlisted IP addresses that bypass 2FA and reCAPTCHA” under Wordfence >Login Security >Settings >General. Remember to Save your settings.

Additionally, please note that if you use a custom login page, it can also cause 2FA and reCAPTCHA not to work right since our 2FA feature is only supported for the default WordPress login page and the login page for WooCommerce. 

Please let us know if this helps.

Thanks,

Mark

Hi @ashoklale,

I can’t seem to find your diagnostic in our inbox. Did you attempt to send it after all, or do you no longer need assistance?

Thanks,

Mark.

Hi @hobby365, thanks for reaching out.

Can you do the following so I can get the information I need to help you?

• Kill the existing scan if it is still running (The “Start New Scan” button turns in to a “Stop” button while the scan is running)
•  Go to your Scan > Scan Options and Scheduling page and locate the “Performance Options” Set “Maximum execution time for each scan stage” to 20 on the options page
• Click “Save Changes.”
•  Go to the Tools > Diagnostics page
• In the “Debugging Options” section, check the circle “Enable debugging mode”
• Click”Save Changes”.
• Start a new scan
• Copy the last 20 lines from the Log (click the “Show Log” link) or so of the activity log and paste them in the post.

On occasion, this fixes it straight away. That’s because adding 20 for the “Maximum execution time for each scan stage” tells the scan to pause every 20 seconds and start again where it left off. If this fixes the issue and scans run again, you can leave all the settings above except for “Enable Debugging Mode”.

If the above doesn’t solve your issue, please send a diagnostic report to wftest@wordfence.com. You can find the link to do so at the top of the Wordfence > Tools > Diagnostics page. Then click on “Send Report by Email”. Please add your forum username where indicated and respond here after you have sent it.

Thanks

Mark. 

Hi @helenvrees , thanks for reaching out.

Have you, by any chance, made any recent changes to your WordFence settings? Loosening the security settings means that no user would get blocked while trying to access your site. This may explain why you’re not seeing any blocks on the report. 

Also, can you please confirm whether you’re seeing any details in the Recently Modified Files and Updates sections of the report, or is the whole report blank?

Please let me know.

Thanks,

Mark

Hi @soolee, thanks for reaching out and sorry to hear you’re having trouble with this.

I tested this on my end, but I didn’t get any errors.

Could you please try adding it manually in Wordfence > All Options > Allowlisted URLs then set something like the below:

URL: /path/to/script.php
Param Type: Query String
Param Name: theme_name

This could also be an issue with plugin/theme conflicts too. The best way to test is to run Wordfence and Beaver Builder as your only enabled plugins and also revert to a default theme such as Twenty Twenty-Three. If you are able to create entries on Beaver Builder, then reenable your plugins and theme one by one until it breaks again to help find the cause.

Let me know how it goes.

Thanks,

Mark.