• Resolved headplus

    (@headplus)


    Hi all! i have problems with the scan..it stops on its own.

    1. i Use the option “Cloudflare “CF-Connecting-IP” HTTP header to get a visitor IP. Only use if you’re using Cloudflare”

    2.i have rule (server permition) on coudlflare’s firewall with my servers ip (that works)- becouse i see the cronjobs works perfect.

    3.i have rule for wordfence servers as well

    4.i tried Use only IPv4 to start scan (without success)

    5.on Connectivity “Connecting back to this site” i have errors:

    wp_remote_post() test back to this server failed! Response was: 429 (Too Many Requests
    This additional info may help you diagnose the issue. The response headers we received were:
    more analytics i have:
    NEL: {“success_fraction”:0,”report_to”:”cf-nel”,”max_age”:604800}
    Strict-Transport-Security: max-age=15552000; preload
    X-Content-Type-Options: nosniff
    Server: cloudflar

    6.also “Connecting back to this site via IPv6” i have error: wp_remote_post() test back to this server failed! Response was: cURL error 7: Failed to connect to badcustomer.gr port 443

    i have read so much about all that( i mean problems with no scan) and i never found right directions!
    a lot of if,if, if and if!!!

    finally how easy for someone to use wordfence at his site?
    Exsuse me for all that but i m really felt so tired….

    I never had any problems with other similar plugins in the past.
    And as i took a a deep look at forums like cloudflare’s or even here or genereally in web, there are so many users who speaks for conectivity problems about the plugin…
    Anyway…this is my last chance to find a solution
    .the next defently will be the deactivation..

    Any help is appreciated!thank you in advanced!

Viewing 11 replies - 1 through 11 (of 11 total)
  • wfjoshc

    (@wfjoshc)

    Hi @headplus

    Thanks for reaching out!

    Looks like while you have allowlisted your site in Cloudflare, all the request from Wordfence is getting rate limited in Cloudflare.

    I recommend losening up your cloudflare settings as they seem to be limiting Wordfence.

    Let me know how it goes!
    Thanks,

    Joshua

    Thread Starter headplus

    (@headplus)

    Thank you for your reply.

    As you know cloudflare has many options and setting. Would you like to be more detailed about that?

    wfjoshc

    (@wfjoshc)

    Hi @headplus

    On your Cloudflare’s settings, you could check under Security->Events on the left menu, and scroll to the “Rate limiting rules” section. If that shows “No data”, then rate limiting is probably disabled. If there is data, you could scroll further down to “Activity log”, and see if any rate limiting entries are shown.

    Let me know!

    Thanks,

    Joshua

    Thread Starter headplus

    (@headplus)

    Hi @wfjoshc,

    On Cloudflare settings Rate limiting rules section. shows: “No data”

    On Firewall rules i have 2 rules. the first is for my ip (and there are activities with some events from my site’s cronjob), and the second has the Wordfence’s servers ips as “allow” that there is no any avtivity(means no data on log).

    wfjoshc

    (@wfjoshc)

    Hi @headplus

    Can you send a diagnostic report to wftest @ wordfence . com? You can find the link to do so at the top of the Wordfence > Tools > Diagnostics page. Then click on “Send Report by Email”. Please add your forum username where indicated and respond here after you have sent it.

    NOTE: It should look as follows – Screenshot of Tools > Diagnostic > Send by Email

    Thanks,

    Joshua

    Thread Starter headplus

    (@headplus)

    @wfjoshc I just sent it!

    wfjoshc

    (@wfjoshc)

    Hi @headplus

    That does look like Cloudflare. Headers can be deceiving sometimes, but the javascript in the body uses /cdn-cgi/challenge-platform/ which is definitely them.
    This might be “bot fight” mode.


    Can you please follow both sets of instructions for allowlisting in the instructions that we use for Cloudflare with Central here: https://www.wordfence.com/help/central/connect/

    Thanks,

    Joshua

    Thread Starter headplus

    (@headplus)

    hello! @wfjoshc

    instructions that we use for Cloudflare with Central here: https://www.wordfence.com/help/central/connect/

    I Think that the wordfense team has to update the instructions for Cloudflare because cloudlfare has changed some setting.

    This might be “bot fight” mode.

    You can take a look at my settings about that:

    https://ibb.co/ftSZbRf

    https://ibb.co/VHjFhF3

    So as you can see i think that with these settings wordfence scan would must work..but it doesnt….

    so now what do you think that is going wrong after the email that i sent and screenshoots here?

    Hi @headplus

    Thanks for letting us know!

    I highly recommend reaching out to Cloudflare in this instance as our instructions were based on their previous instructions

    You can ask them how to allowlist our IP range and your server IP, and also how to disable ‘bot fight’ mode

    I hope this helps!
    Thanks,

    Joshua

    Thread Starter headplus

    (@headplus)

    hello! @wfjoshc Thank you for your reply!

    firstly I would like to mention that the function “bot fight” is able to be disabled very easily in Cloudflare and as you can imagine i tried it (with bot fight disabled). But never the scan worked!

    But i have GOOD NEWS and I solved my problems!!!

    I threw Wordfence in the trash and i replaced it with another valuable plugin that does not cause me any problems either with my local server or with Cloudflare etc.


    I hope in the future the tech team of WF manage to solve the problems that plugin has either in friendliness with Cloudflare or any other Firewall, either regarding the newer php etc.

    So…becouse time is money, (and please believe me, i have offer lot on Wordfence,)

    if someone has same problems mustn’t forget that he can use the Trush!


    Thank you again for your replies and for your time!

    Thanks for your thoughts about Wordfence.

    Cloudflare is under no obligation to let us know if their processes change and we don’t expect them to. We provide the last known instructions we have to allowlist IPs or fix issues with the way Cloudflare works. If someone reaches out and tells us those no longer work like you did, we update the documentation as we are currently doing. However, we still recommend that our users reach out to Cloudflare (as Josh advised you to do) as they are the best source of information when it comes to their systems. Getting upset because we don’t know exactly how to fix a Cloudflare issue is kind of like asking a McDonald’s employee how they make burgers at Burger King and being mad because they can’t tell you exactly how it is done.

    We can tell this is a Cloudflare block because we can see it in the connection detail of the diagnostic report you sent us.

    HTTP/1.1 429 Too Many Requests
    Date: Wed, 15 Mar 2023 19:41:29 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    CF-Cache-Status: DYNAMIC
    Report-To: {“endpoints”:[{“url”:”https:\/\/a.nel.cloudflare.com\/report\/v3?s=t7wFqjEGy43bgnbwnstKsBfXJ6jcx4bnd6jLfZ4w5NJ0sv0EKrrw8cDRrD%2BF9gHkH0DcUmkmINZq9OqdKnS6pCSAmG8Jkyd59vxljJ1rwn5bAkgj42TM0b%2FIygc1nPBaBA%3D%3D”}],”group”:”cf-nel”,”max_age”:604800}
    NEL: {“success_fraction”:0,”report_to”:”cf-nel”,”max_age”:604800}
    Strict-Transport-Security: max-age=15552000; preload
    X-Content-Type-Options: nosniff
    Server: cloudflare
    CF-RAY: 7a873bf37f03c226-VIE
    alt-svc: h3=”:443″; ma=86400, h3-29=”:443″; ma=86400


    429 Too Many Requests

    That means that Cloudflare is rate limiting connections from your website to itself. The website needs to connect to itself to start scans and do many other things like scheduled backups, scheduled posts, etc. Luckily in your case it appears that just the scanning is rate limited as I can see crons (scheduled tasks) are current. So adding your website IP address (yours should start with 185.X.X.X) to the allowlist in Cloudflare should have addressed this, along with the Wordfence IPs which I see you already added.

    Lastly, I would like to remind you that support here in the forums is voluntary, just like your participation is according to www.remarpro.com. It is offered for free by staff that are paid and trained Wordfence employees. If a more one-on-one support experience is preferred then a paid license is what you should look into.

    I do see that you said you uninstalled Wordfence so we wish you well in whatever security solution you chose to go with.

    Mia

Viewing 11 replies - 1 through 11 (of 11 total)
  • The topic ‘no scanning, no conecting!’ is closed to new replies.