Auto and manual WAF rules update fails

  • Resolved regexaurus

    (@regexaurus)


    5 years, 11 months ago

    Wordfence Security no longer updates WAF rules on two sites I manage.

    On both sites:

    • WordPress 5.1.1
    • Wordfence Security 7.2.4
    • DreamHost shared hosting, PHP 7.2 fastcgi

      • The last successful update check on one site was March 3, 2019. On the second site, the last successful update check was March 14, 2019.

      For both sites, if I click MANUALLY REFRESH RULES, for a bit I see “Wordfence is working…” with a busy wheel, then, “Rule Update Failed : No rules were updated. Please verify your website can reach the Wordfence servers.”

      I’ve attempted a number of troubleshooting steps, including:

    • Pinged Wordfence servers (69.46.36.0/27) from DreamHost server terminal. 69.46.36.1, 69.46.36.2, 69.46.36.3 were successful; all others failed / timed out. (unknown whether this is relevant)
    • Deactived/reactivated Wordfence Security plugin.
    • Enabled WordPress debugging (log file and display) and Wordfence debugging mode, and attempted manual rule refresh. No helpful debug entries were logged or displayed.
    • Unchecked Enable SSL Verification in Wordfence debugging options, and attempted manual rule refresh. This made no difference.

      • Note: I also posted a reply to a similar (apparently related) topic by another user, only to later realize that community/developer policy/expectation is for users to create new topics, unless they are working on the exact same problem (e.g. two admins working on the same problem and site). Sorry for any confusion/duplication here.

Viewing 3 replies - 1 through 3 (of 3 total)
  • Thread Starter regexaurus

    (@regexaurus)

    According to DreamHost support, the problem appears to be with Wordfence. DreamHost support responded with, “…it seems as if our servers cannot reach WordFence’s cloud host as the connection dies at the boarder. A traceroute to noc4.wordfence.com dies at their boarder and a trace back to us dies as well. From what we have determined, the issue seems to be with WordFence and not us…”
    Presumably, boarder == router ??

    Also experiencing the exact same problem. Any news?

    It has come to our attention that one of our servers where scan signatures and firewall rules come from is being blocked for some reason by a few hosting providers like Dreamhost. If you are not getting your rules updated and are hosted by Dreamhost (or any another hosting provider for that matter) please ask the provider to check and see if noc4.wordfence.com (69.46.36.20) is being blocked. If it is, ask them to unblock it for ports 80 and 443 and let us know if this was the case. If Dreamhost is blocking the IP then they are the only ones that can do anything to fix this.

    Tim

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Auto and manual WAF rules update fails’ is closed to new replies.