Cloudfare compatible?

  • Resolved melaniesinmek

    (@melaniesinmek)


    9 months, 2 weeks ago

    Hi,

    I have 2 questions:

    1. is Wordfence compatible with Cloudfare? Can I use both at the same time or will that cause issues?
    2. How can I get rid of the Wordfence backend (WordPress) notifications?

    Thank you ??

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @melaniesinmek, thanks for reaching out!

    Which specific notifications are you referring to in your second point? If you have any wording or a screenshot of the ones you’re referring to I can help you out with that.

    Many Wordfence customers use Cloudflare on their servers, although there are some steps to ensure everything runs smoothly.

    To detect visitor IPs correctly, you will most likely need to select, “Use the Cloudflare “CF-Connecting-IP” HTTP header to get a visitor IP. Only use if you’re using Cloudflare.” in Wordfence > All Options > General Wordfence Options > How does Wordfence get IPs.

    You also need to update your Cloudflare settings to allow your site to connect back to itself. You should be able to do this by going to your Cloudflare control panel. It’s worth checking all IPs associated with your server first (Find them at Wordfence > Tools > Diagnostics > IP(s) used by this server)

    • Login to Cloudflare
    • Go to “Firewall”
    • Click the “Firewall Rules” tab
    • Click “Create a Firewall rule”
    • Name the rule under “Rule Name”
    • Set the “Field” under “When incoming requests match…” to “IP Source Address”
    • Enter your site’s IP address(es) under “Value”
    • At the bottom, under “Then…Choose an action” change “Block” to “Allow”
    • Click “Deploy

    If it seems that you also need to allow our IPs, repeat the same process as above for the list of IPs here: https://www.wordfence.com/help/advanced/#servers-and-ip-range

    Thanks,
    Peter.

    Thread Starter melaniesinmek

    (@melaniesinmek)

    Hey Peter, first off thank you for the superfast reply ??

    Well, I was just aasking about Wordfence being compatible with Cloudfare as “more” i snot always better.

    To get back to the notifications: I was referring to the WordPress backend notifications I get on each backend page at the top. Currently I see this message which is generated by Wordfence:

    “reCAPTCHA test mode is enabled. While enabled, login and registration requests will be checked for their score but will not be blocked if the score is below the minimum score.”

    There is no “x” button to get rid of the notification so where in the Wordfence settings/options can I prevent any admin noifications?

    Plugin Support wfpeter

    (@wfpeter)

    Hi @melaniesinmek,

    You can’t dismiss the reCAPTCHA test mode notification when test mode is checked in Wordfence > Login Security > Settings as it’s there to prevent it being left on a live site for a prolonged period in error.

    You could either take it out of test mode if you’re satisfied that it’s working, or temporarily remove your reCAPTCHA keys and only return them when you’re happy for reCAPTCHA to go fully live.

    Many thanks,
    Peter.

    Thread Starter melaniesinmek

    (@melaniesinmek)

    Ah, I see.

    Thanks for the heads up, Peter.

    Really appreciate the answer ??

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Cloudfare compatible?’ is closed to new replies.

Tags