no scanning, no conecting!

Hi @headplus

Thanks for reaching out!

Looks like while you have allowlisted your site in Cloudflare, all the request from Wordfence is getting rate limited in Cloudflare.

I recommend losening up your cloudflare settings as they seem to be limiting Wordfence.

Let me know how it goes!
Thanks,

Joshua

Thank you for your reply.

As you know cloudflare has many options and setting. Would you like to be more detailed about that?

Hi @headplus

On your Cloudflare’s settings, you could check under Security->Events on the left menu, and scroll to the “Rate limiting rules” section. If that shows “No data”, then rate limiting is probably disabled. If there is data, you could scroll further down to “Activity log”, and see if any rate limiting entries are shown.

Let me know!

Thanks,

Joshua

Hi @wfjoshc,

On Cloudflare settings Rate limiting rules section. shows: “No data”

On Firewall rules i have 2 rules. the first is for my ip (and there are activities with some events from my site’s cronjob), and the second has the Wordfence’s servers ips as “allow” that there is no any avtivity(means no data on log).

Hi @headplus

Can you send a diagnostic report to wftest @ wordfence . com? You can find the link to do so at the top of the Wordfence > Tools > Diagnostics page. Then click on “Send Report by Email”. Please add your forum username where indicated and respond here after you have sent it.

NOTE: It should look as follows – Screenshot of Tools > Diagnostic > Send by Email

Thanks,

Joshua

@wfjoshc I just sent it!

Hi @headplus

That does look like Cloudflare. Headers can be deceiving sometimes, but the javascript in the body uses /cdn-cgi/challenge-platform/ which is definitely them.
This might be “bot fight” mode.

Can you please follow both sets of instructions for allowlisting in the instructions that we use for Cloudflare with Central here: https://www.wordfence.com/help/central/connect/

Thanks,

Joshua

hello! @wfjoshc

instructions that we use for Cloudflare with Central here: https://www.wordfence.com/help/central/connect/

I Think that the wordfense team has to update the instructions for Cloudflare because cloudlfare has changed some setting.

This might be “bot fight” mode.

You can take a look at my settings about that:

https://ibb.co/ftSZbRf

https://ibb.co/VHjFhF3

So as you can see i think that with these settings wordfence scan would must work..but it doesnt….

so now what do you think that is going wrong after the email that i sent and screenshoots here?

Hi @headplus

Thanks for letting us know!

I highly recommend reaching out to Cloudflare in this instance as our instructions were based on their previous instructions

You can ask them how to allowlist our IP range and your server IP, and also how to disable ‘bot fight’ mode

I hope this helps!
Thanks,

Joshua

hello! @wfjoshc Thank you for your reply!

firstly I would like to mention that the function “bot fight” is able to be disabled very easily in Cloudflare and as you can imagine i tried it (with bot fight disabled). But never the scan worked!

But i have GOOD NEWS and I solved my problems!!!

I threw Wordfence in the trash and i replaced it with another valuable plugin that does not cause me any problems either with my local server or with Cloudflare etc.

I hope in the future the tech team of WF manage to solve the problems that plugin has either in friendliness with Cloudflare or any other Firewall, either regarding the newer php etc.

So…becouse time is money, (and please believe me, i have offer lot on Wordfence,)

if someone has same problems mustn’t forget that he can use the Trush!

Thank you again for your replies and for your time!

Thanks for your thoughts about Wordfence.

Cloudflare is under no obligation to let us know if their processes change and we don’t expect them to. We provide the last known instructions we have to allowlist IPs or fix issues with the way Cloudflare works. If someone reaches out and tells us those no longer work like you did, we update the documentation as we are currently doing. However, we still recommend that our users reach out to Cloudflare (as Josh advised you to do) as they are the best source of information when it comes to their systems. Getting upset because we don’t know exactly how to fix a Cloudflare issue is kind of like asking a McDonald’s employee how they make burgers at Burger King and being mad because they can’t tell you exactly how it is done.

We can tell this is a Cloudflare block because we can see it in the connection detail of the diagnostic report you sent us.

HTTP/1.1 429 Too Many Requests
Date: Wed, 15 Mar 2023 19:41:29 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
CF-Cache-Status: DYNAMIC
Report-To: {“endpoints”:[{“url”:”https:\/\/a.nel.cloudflare.com\/report\/v3?s=t7wFqjEGy43bgnbwnstKsBfXJ6jcx4bnd6jLfZ4w5NJ0sv0EKrrw8cDRrD%2BF9gHkH0DcUmkmINZq9OqdKnS6pCSAmG8Jkyd59vxljJ1rwn5bAkgj42TM0b%2FIygc1nPBaBA%3D%3D”}],”group”:”cf-nel”,”max_age”:604800}
NEL: {“success_fraction”:0,”report_to”:”cf-nel”,”max_age”:604800}
Strict-Transport-Security: max-age=15552000; preload
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 7a873bf37f03c226-VIE
alt-svc: h3=”:443″; ma=86400, h3-29=”:443″; ma=86400

429 Too Many Requests

That means that Cloudflare is rate limiting connections from your website to itself. The website needs to connect to itself to start scans and do many other things like scheduled backups, scheduled posts, etc. Luckily in your case it appears that just the scanning is rate limited as I can see crons (scheduled tasks) are current. So adding your website IP address (yours should start with 185.X.X.X) to the allowlist in Cloudflare should have addressed this, along with the Wordfence IPs which I see you already added.

Lastly, I would like to remind you that support here in the forums is voluntary, just like your participation is according to www.remarpro.com. It is offered for free by staff that are paid and trained Wordfence employees. If a more one-on-one support experience is preferred then a paid license is what you should look into.

I do see that you said you uninstalled Wordfence so we wish you well in whatever security solution you chose to go with.

Mia