403 Forbidden WHAT? Why am I seeing this?

  • Resolved rsb1234

    (@rsb1234)


    9 months ago

    Hi – When Wordfence is enabled, all access to our site is blocked from both front end and backend. Users and admins only see the 403 screen attached.

    Any idea why? The server IP is on no blacklists. The site contains no malware. Disabling Wordfence via ftp re-enables the site.

    Thanks

    The page I need help with: [log in to see the link]

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @rsb1234, thanks for getting in touch.

    That’s the blocklist page, so it’s likely IP detection is incorrect as it sounds from your description like everybody is blocked by it.

    When you’ve been accidentally blocked, rename the /wp-content/plugins/wordfence plugin folder to “wordfence_bak” (without quotes). This should let you access and log into your site normally.

    You can then rename the folder back to “wordfence”, but if you become blocked again immediately it’s sometimes necessary to install the Wordfence Assistant plugin to disable the firewall before trying to reenable Wordfence. This would allow you to remove your IP block from the Wordfence > Blocking page.

    When IP detection is wrong, a legitimately triggered block for somebody else may affect all visitors including yourself. Take note of your own IP on your main device: https://www.whatsmyip.org.

    Head over to Wordfence > All Options > General Wordfence Options > How does Wordfence get IPs and reference the area under that section that says Detected IPs and Your IP with this setting. See if any of the options there when picked accurately reflect your IP. If one does, don’t forget to hit the SAVE CHANGES button in the top-right after you’re done.

    Don’t forget to also reenable the firewall again.

    I hope that helps you out!
    Peter.

    Thread Starter rsb1234

    (@rsb1234)

    Thanks so much for the quick reply Peter. With your help I’ve managed to get Wordfence working again.

    The only IP address detection method that worked appears to be open to spoofing though: (X-Forwarded-For HTTP header. Only use if you have a front-end proxy or spoofing may result.) Any idea why the other methods suddenly don’t work?

    Also, maybe unrelated, but the main WP login page /wp-login.php returns page not found after attempting login with valid credentials. I replaced htaccess with default version, but still no luck. Do you think it’s related?

    thanks

    Plugin Support wfpeter

    (@wfpeter)

    Hi @rsb1234,

    Usually the reason why an IP detection method might stop working after previously working would be a change of some kind at the hosting side. Sometimes load balancers, proxies, etc. might be the answer.

    I’m not sure why wp-login.php would 404 after logging in, although it could be worth disabling your plugins to see if any are affecting it. Reenabling them one-by-one to see when the issue returns might be a good place to start troubleshooting.

    Thanks again,
    Peter.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘403 Forbidden WHAT? Why am I seeing this?’ is closed to new replies.