right sidebar widget error

Hi @amiya1672, thanks for getting in touch.

I think a script that sends or receives data is being seen as unsafe, but if you’re expecting this plugin or feature to be there, Learning Mode can help.

From the Wordfence Dashboard click on Manage WAF. Then you will see Basic Firewall Options > Web Application Firewall Status. Change the option to Learning Mode. Now try visiting the affected page again. This will help Wordfence learn that the background actions are normal and it will allow them in the future. After you have finished performing the actions, switch the WAF from Learning Mode back to Enabled and Protecting. Now test to see if these actions work correctly.

Thanks,

Peter.

Hi @wfpeter ,

Thanks for your reply. Can I just ask one more question to see if the solution is the same?
I was trying to add a PHP code to my header.php file through the theme editor. This is the article I was trying to follow.
https://aioseo.com/docs/displaying-breadcrumbs-on-your-site/?utm_source=WordPress&utm_campaign=proplugin&utm_medium=documentation&utm_content=breadcrumbsDisplay
But when I try to save it, the below error appears. Does this mean my access is somehow blocked by Wordfence as well? I contacted my server service provider, and they were able to save just fine.
“Unable to communicate back with site to check for fatal errors, so the PHP change was reverted. You will need to upload your PHP file change by some other means, such as by using SFTP.”

Kind Regards,
Lily

Hi @amiya1672,

That specific error message comes from a WordPress feature included in WordPress 4.9+. It checks for PHP errors in the built-in file editor to prevent saving code that could/will break your site. However, the same error can be caused if something is preventing the WordPress loopback from executing the script to check your code. It is possible that Wordfence is doing the blocking so again Learning Mode could help.

However, if you’re making the code changes by downloading the file via (S)FTP and uploading it back or editing PHP files in your hosting control panel, you shouldn’t experience this error as it’s specific to editing within WordPress.

Thanks again,

Peter.

Thanks for your reply @wfpeter .
I have seen many attacks have been blocked by WordFence over the last couple of days. So making me worried if I turn Wordfence into learning mode, whether my website will still be properly protected.
Any suggestions here? Or is my impression about the learning mode incorrect. I seem to recall reading a Wordfence article about better not keep the mode on for too long.

Kind Regards,
Lily

Hi @amiya1672,

Brute Force and Rate Limiting settings will be unaffected by Learning Mode, so whilst I recommend only having it turned on during the duration of your tests clicking around your site, it won’t leave your site entirely unprotected.

It should effectively teach the firewall rules that the actions that are stopping you from using certain plugin/WordPress features are safe so that they’re allowed through once you turn it back to Enabled and Protecting.

Thanks,

Peter.

Hi @wfpeter ,
Thanks for the insights!
Will definitely turn it to learning mode in the next few days to see if problems can be resolved.
I was just checking the Wordfence weekly report and notice the below. Does it look concerning as in some sort of unauthorise changes or potentially just part of the plugin’s normal activity?

Recently Modified Files
Modified File
August 22, 2021 6:13pm
wp-content/uploads/wpforms/cache/email-summaries.json

Kind Regards,
Lily

Hi @amiya1672,

It’s a good idea to keep an eye on recently modified files, although as this appears in a “cache” folder, it seems likely that a caching plugin (or WP Forms itself) has updated/created this file to speed up loading for your site visitors. If suspicious code has been identified in a modified file, you’d receive a higher level warning to review the contents.

If cached locations are constantly being flagged in this way, they can be excluded in Wordfence > All Options > Activity Report > List of directories to exclude from recently modified file list, but this is at your discretion.

Thanks again,

Peter.