wfmark
Forum Replies Created
-
Hi @jasonmac_75 , thanks for reaching out.
I suspect this could be a caching or a plugin conflict related issue. Please clear cache on your browser and on your caching plugin (If applicable), then check for conflicts.
The best way to test for conflicts is to run Wordfence as your only enabled plugin and also revert to a default theme such as Twenty Twenty-Three. If you are able to log in, then re-enable your plugins and theme one by one until the issue recurs to help find the cause.
Additionally, please send us a diagnostic report to wftest@ wordfence.com? You can find the link to do so at the top of the Wordfence > Tools > Diagnostics page. There, click on “Send Report by Email”. Please add your forum username where indicated and respond here after you have sent it.
Let me know how it goes.
Thanks,
Mark.
Hi @withabitofgrace, thanks for reaching out.
From the description above, it looks like you were locked out exceeding the maximum login failures set under Brute Force Protection settings. The block should expire after the amount of time set in Wordfence > All Options > Brute Force > Amount of time a user is locked out.
If you’re still locked out, you can try using the unlock email function provided on the block page for site administrators.
If the option above doesn’t work for you, you will need to disable Wordfence manually via FTP/cPanel.
- Open the FTP client and connect to your site via FTP/SFTP, depending on your setup.
- Once you successfully connect to your site via FTP/SFTP, navigate to the wp-content folder.
- Browse into the plugins folder.
- Find the wordfence folder
- Right-click on the folder and rename it to wordfence_bak
- Once you have logged in to your WordPress admin you can name the folder back to wordfence again.
- Refresh your dashboard and you should be able to see Wordfence Active again. If not, go to the Plugins page and Activate it.
Let me know in case you still have issues.
Thanks,
Mark.
Hi @smwordpress , thanks for reaching out.
\x0A is a non-printable/hidden character.
I suspect this could be a false positive because the NatWest plugin is sold separately and is not listed on wordpress.org. Sometimes, plugins create files containing code that appears similar to malicious files but is not actually malicious.
To confirm, could you please provide the scan result information along with a copy of the file being flagged to samples@wordfence.com for our threat intelligence team to check out? Make sure any passwords, keys, or salts are censored prior to sending any files that might contain them.
You can choose to ignore this scan result so that it does not appear in subsequent scans under the “Results Found” tab. It will appear under the “Ignored Results tab instead.
Thanks,
Mark.
Hi @voodoochill , thanks for reaching out.
Are you using reCAPTCHA on your login pages? Any “Verification Required” messages and emails are related to the message Google will send back when the user fails to be confirmed as human by reCAPTCHA checks.
We don’t receive inside information from Google about why a human may sometimes receive a low enough score to always require verification. The “reCAPTCHA human/bot threshold score” setting in Wordfence > Login Security > Settings is set to 0.5 by default. Setting that to 1.0 will cause the verification process to be more frequent as it would need to definitely be seen as a human to log in without verification. I recommend setting that to 0.5 and then using the “Run reCAPTCHA in test mode” option below that for a short time to see what sort of scores you see during your logins. You may need to reduce the threshold score slightly after looking at the test mode score.
That said, this could be an issue with plugin/theme conflicts too. Double-check the browser console for red errors that might hint at issues with the reCAPTCHA on this page. If our scripts don’t load properly due to an error earlier in the loading process, this is the most common cause of such behaviour. The best way to test is to run Wordfence as your only enabled plugin and also revert to a default theme such as Twenty Twenty-Three. If you are able to log in, then re-enable your plugins and theme one by one until it breaks again to help find the cause.
To allowlist an IP address, navigate to your Wordfence >Login Security >Settings >General and add your IP address to the “Allowlisted IP addresses that bypass 2FA and reCAPTCHA” text box. Remember to Save your settings. Another thing to note is users with 2FA enabled will automatically skip the CAPTCHA scoring and would not be required to verify via email.
Let me know how it goes.
Thanks,
Mark.
Hi @birken ,
Unfortunately, we cannot give a specific timeline for the release here on Forums. We are currently testing changes for the next release and will be getting that out as soon as possible.
As a temporary fix, you can disable the “Scan for out of date, abandoned, and vulnerable plugins, themes, and WordPress versions” in the Wordfence > Scan > Manage Scan section.
Thanks,
Mark.
Hi @nmwoods123 , thanks for reaching out. We are sorry to hear you’re having problems with site speed.
Some Wordfence customers can experience problems at times when intensive processes such as scans are running. Hosting plans, the size of the website content, and the number of installed plugins tend to be the deciding factors in this, but a majority of the sites running Wordfence work without issues.
We constantly work on making the plugin faster, perform better, and use less resources but there are no set amounts of RAM, CPU or database queries that we know Wordfence will definitely require in each use-case.
Could you please send us a diagnostic report to wftest@ wordfence.com? You can find the link to do so at the top of the Wordfence > Tools > Diagnostics page. There, click on “Send Report by Email”. Please add your forum username where indicated and respond here after you have sent it.
Thanks,
Mark.
Hi @chiaraampartners ,thanks for reaching out.
These URLs normally show up in Google search/Search Console due to an automatic redirect to a search/home page when a 404 is hit on your site. This can be due to a misconfigured theme, or a redirect plugin purposely changing 404 behavior. When one of the wordfence_lh URLs is followed, the page should be totally blank in the browser.
The ones you are seeing are likely from Google remembering old URLs and trying them again to update their index. With time Google should recognize that those paths are not useful to crawl.
We used to recommend adding wordfence_lh and hid to the list of parameters that Google can ignore, but it looks like that feature has been removed from Google Search Console: https://searchengineland.com/google-search-consoles-url-parameter-tool-is-officially-not-working-383828
Thanks,
Mark.Hi @sushilsth , thanks for reaching out.
Sometimes other plugins can cause issues with the Wordfence 2FA functionality. If the Sucuri firewall is the only differentiating factor from the other sites, you can try disabling it temporarily to see whether that solves the issue.
Please note that if you use a custom login page, it can also cause 2FA to not work right since our 2FA feature is only supported for the default WordPress login page and the custom login page for WooCommerce.
If none of the above works for you, please send a diagnostic report to wftest @ wordfence.com? You can find the link to do so at the top of the Wordfence Tools > Diagnostics page. Then click on “Send Report by Email”. Please add your forum username where indicated and respond here after you have sent it.
Thanks,
Mark.
Hi @muadmz , thanks for reaching out.
Could you please do the following steps for me:
- Go to the Wordfence > Tools > Diagnostics page
- In the “Debugging Options” section check the circle “Enable debugging mode”
- Click to “Save Changes”.
- CANCEL any current scan and start a NEW scan
- Copy the last 20 lines from the Log (click the “Show Log” link) or so of the activity log once the scan finishes and paste them in this post.
Wordfence > Tools > Diagnostic > Debugging Screenshot
This will help me see exactly what is happening when the scan fails.
Additionally, can you send a diagnostic report to wftest @ wordfence . com? You can find the link to do so at the top of the Wordfence > Tools > Diagnostics page. Then click on “Send Report by Email”. Please add your forum username where indicated and respond here after you have sent it.NOTE: It should look as follows – Screenshot of Tools > Diagnostic > Send by Email
Thanks,
Mark.Hi @birken , thank you for reaching out to us.
The FormCraft 3 plugin seems to be overriding the WordPress upgrade hook and isn’t returning the expected format in this case. This will likely be addressed by Wordfence version 7.10.4 so that issues with other plugins don’t result in a fatal error during the scan.
Thanks,
Mark.
Hi @lia987 , thanks for reaching out.
You keep getting these notifications because you have enabled the option to receive an alert when a user is locked out from logging in. If you don’t wish to receive these alerts anymore, you can disable the “Alert when someone is locked out from login” option from Wordfence>All Options>Email Alert preferences.
Depending on the site you’re running and the number of users on the site, you may need to review the lockouts in case another administrator is locked out. If you’re running a site with many users, it may be best to disable this option to avoid receiving many alerts.
For more information on email alert configuration options, check out the resources below https://youtu.be/d50knnGXNO4
https://www.wordfence.com/help/dashboard/alerts/Let me know in case you have any questions.
Thanks,
Mark.
- This reply was modified 2 years, 7 months ago by wfmark.
