Hello @vinnymickey and thanks for reaching out to us!
If you want to skip protection on a specific folder, follow these steps:
If you are using .user.ini (look in the root directory of your site for this), add the line below to the directory’s (this is the folder you want to turn the firewall off for) .user.ini file (or create a new .user.ini if it doesn’t exist):
auto_prepend_file = none
If using .htaccess on PHP5:
<IfModule mod_php5.c>
php_value auto_prepend_file none
</IfModule>
If using .htaccess on PHP7:
<IfModule mod_php7.c>
php_value auto_prepend_file none
</IfModule>
If you want to keep Wordfence on your entire site, we can try to figure out why its not working for you. When you try to install this script while Wordfence is active, are you seeing any blocks in Tools > Live Traffic? If so, you can whitelist the action right from here.
If not, we can also try Learning Mode. From the Wordfence Dashboard click on Manage WAF. Then you will see Basic Firewall Options > Web Application Firewall Status. Change the option to Learning Mode. Now perform the actions that were causing issues. This will help Wordfence learn that these actions are normal and it will allow them in the future. After you have finished performing the actions, switch the WAF from Learning Mode back to Enabled and Protecting. Now test to see if these actions work correctly.
https://www.wordfence.com/help/firewall/learning-mode/ is an amazing resource for learning more about the WAF and learning mode.
Let me know if this helps!
Thanks!
