Increased Attack Rate

Hi @adamwrethinkfirst

If you have the latest version of Wordfence then you will see the followijg advice in the emails:

Wordfence is blocking these attacks, and we’re sending this notice to make you aware that there is a higher volume of the attacks than usual. Additionally, the Wordfence Real-Time IP Blocklist can block known attackers’ IP addresses automatically for Premium users, including any probing requests that may not be malicious on their own. All Wordfence users can also opt to block the attacking IPs manually if desired. As always, be sure to watch your scan results and keep your plugins, themes and WordPress core version updated.

Thank you wfphil, but I’m weary of blocking IP addresses because mine in Wordfence is different from online tools such as https://whatismyipaddress.com and other users who are in different states have very similar IPs in Wordfence.

Here is a screenshot showing Wordfence on left (with my IP and another user who lives in a different state, but both start the same) and https://whatismyipaddress.com/ on right (showing how my IP usually shows in online tools).

Is there a reason Wordfence is showing my IP address differently?

Thank you,

Adam

Hi @adamwrethinkfirst

Thank you for the update.

To check that you have set up IP address detection correctly in the plugin then let me know your IP address using the link below:

https://whatismyipaddress.com/

Then immediately send me your diagnostics report so I can see what Wordfence detects your IP address as being.

Please go to the top of the “Diagnostics” tab on the Wordfence “Tools” page. There will be a “SEND REPORT BY EMAIL” button to send the diagnostics report. Enter wftest [at] wordfence [dot] com as the email and adamwrethinkfirst as the forum username please.

Once you have emailed me the diagnostics report can you reply here to let me know that it has been sent. This is important in the unlikely event that your installation of WordPress is having an issue with sending mail.

I don’t feel comfortable sharing my full IPv4 address, so I will share all but the last 3 digits. It is 70.115.49.###.

The diagnostic report has been sent.

Thank you very much for looking into this,

Adam

Hi wfphil, were you able to view the diagnostic report?

Thank you,

Adam

Hi wfphil, following up.

Thank you,

Adam

Hi @adamwrethinkfirst

Thank you for the report.

You can find your IP address below (note that this detection is not 100% accurate on cellular phone network connections):

https://whatismyipaddress.com/

Make a note of your IP address.

In the How does Wordfence get IPs subsection of the General Wordfence Options section on the All Options page you will need to set and save the option Use the Cloudflare “CF-Connecting-IP” HTTP header to get a visitor IP. Only use if you’re using Cloudflare.

Make sure to save the change.
?
Then look at these two lines:

Detected IP(s):
Your IP with this setting:
?
If you see your IP address on the line Your IP with this setting then it is fixed.

Thank you @wfphil , I see my IP in “Detected IP(s)” but not “Your IP with this setting”.

Are there any other options/settings that should be changed?

Thank you.