Can’t connect to Wordfence Central

I’ve got the same error for all sites on my server. The complete error is this:

wfCentralAPIException: HTTP 403 ontvangen van Wordfence Central: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "https://www.w3.org/TR/html4/loose.dtd">
<HTML><HEAD><META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<TITLE>ERROR: The request could not be satisfied</TITLE>
</HEAD><BODY>
<H1>403 ERROR</H1>
<H2>The request could not be satisfied.</H2>
<HR noshade size="1px">
Request blocked.
We can't connect to the server for this app or website at this time. There might be too much traffic or a configuration error. Try again later, or contact the app or website owner.
<BR clear="all">
If you provide content to customers through CloudFront, you can find steps to troubleshoot and help prevent this error by reviewing the CloudFront documentation.
<BR clear="all">
<HR noshade size="1px">
<PRE>
Generated by cloudfront (CloudFront)
Request ID: PToP_13HzVgRb4V-PJk2Tv0X1cunnHpkTEzlCYge90QWSBgaE0ClWg==
</PRE>
<ADDRESS>
</ADDRESS>
</BODY></HTML> in /.../wp-content/plugins/wordfence/lib/wfCentralAPI.php:309
Stack trace:
#0 /.../wp-content/plugins/wordfence/lib/wfCentralAPI.php(264): wfCentralAuthenticatedAPIRequest->fetchToken()
#1 /.../wp-content/plugins/wordfence/lib/wfCentralAPI.php(62): wfCentralAuthenticatedAPIRequest->getToken()
#2 /.../wp-content/plugins/wordfence/lib/wfCentralAPI.php(485): wfCentralAPIRequest->execute()
#3 /.../wp-content/plugins/wordfence/lib/wfIssues.php(388): wfCentral::deleteNewIssues()
#4 /.../wp-content/plugins/wordfence/lib/wfScanEngine.php(202): wfIssues->deleteNew()
#5 /.../wp-content/plugins/wordfence/lib/wfScan.php(203): wfScanEngine->deleteNewIssues()
#6 /.../wp-content/plugins/wordfence/lib/wordfenceClass.php(1517): wfScan::wfScanMain()
#7 /.../wp-includes/class-wp-hook.php(324): wordfence::ajax_doScan_callback()
#8 /.../wp-includes/class-wp-hook.php(348): WP_Hook->apply_filters()
#9 /.../wp-includes/plugin.php(517): WP_Hook->do_action()
#10 /.../wp-admin/admin-ajax.php(207): do_action()
#11 {main}

I guess it’s related to a firewall issue, where an IP address is blocked, that’s used for Wordfence Central, but I’ve already checked the IPs I could find in older posts and in the documentation. They are whitelisted:

44.235.211.232
54.68.32.247
54.71.203.174

Could it be a new IP address that’s used for WF Central since today? I’ve also checked a couple of sites at other hosts and couldn’t find the error in those logs.

Not sure. I wonder if it’s related to the outage they had overnight.

I haven’t heard anything about that. Do you have a link to more information?

status.wordfence.com

Getting the same error here.

@kingstonrx84 That outage looks indeed like it could be related to these errors. Perhaps something was changed in the routing, causing a block somewhere in the network. Hopefully support will respond soon, so we can investigate this further.

For the record: this isn’t just an issue when creating an initial connection. In my case the errors occur with already connected sites, during a scan. But is is obviously related to the communication with Wordfence Central.

I’m surprised this hasn’t been fixed yet (or at least reported as an outage) as it’s affecting Wordfence Central users for this long now.

Very concerning for a 24/7 staffed security company to be honest to not be aware.

I found 403 errors related to this issue in my PHP log and I tried to reconnect my website to Wordfence Central, but I failed. Can the support team please clarify what’s going on?

And I also have a similar 403 error when trying to connect the site. On a subdomain, not sure if that matters.

It seems that wordfence.com is currently using a highly restrictive AWS CloudFront setting, which blocks all non-ISP access. Only ISP ASNs can access wordfence.com. I’m surprised that Wordfence expects all customers to have their servers installed at home rather than in offices or on cloud.

@metropub Subdomains shouldn’t matter, it can happen to any sites, because it’s network related.

@sao987 I don’t know if it’s only open to ISP ASNs, but there seems to be too much restriction, so it might be some “I’m under attack” mode or something.

For what it’s worth, I’ve got sites on Siteground and Lightsail. So far I’m seeing the problem on Siteground but not Lightsail. Has anybody asked on Premium support?

Could this maybe be fixed? I appear to be seeing normal connections to WF central now.

Hi everybody,

You’re correct that we experienced an outage over the weekend which caused some issues with connectivity. Support cases around 403s also increased during and after that time to correlate. This morning, we noticed that some of our recovery measures may have been causing ongoing connectivity issues for customers so implemented a fix that should allow affected customers to connect to Central and any other services that were returning 403s.

Thanks for your patience and understanding,
Peter.

I’ve also got the idea, that it has been fixed about 6 hours ago. That were the last errors I’ve seen in my logs.

It’s indeed possible that some providers were affected and some were not. That’s how the internet consists of many parts (networks, ASNs).

EDIT: Thanks @wfpeter for the explanation. Could we have done anything else to get more attention for this issue? I understand that it was weekend for you as well, but this had quite some impact to many sites and the status page suggested everything was already solved, while it wasn’t so I would expect there should have been some monitoring after the outage, followed by the fix (an actual change to the system).

• This reply was modified 3 months, 2 weeks ago by Jos Klever. Reason: replies crossed each other