Scan Failed (503)

I just send a report to wftest @ wordfence . com including my forum username.

Can you please help? It was working just fine 1 week ago…

Hi @releasejim, thanks for sending over your diagnostics.

The “Connecting back to this site” section that’s reporting the wp_remote_post() failed message is accompanied by a Cloudflare blocking page that is displaying when we attempt to connect to your site.

If your site is protected by Cloudflare, you may need to update your Cloudflare settings to allow your site to connect back to itself. You should be able to do this by going to your Cloudflare control panel.

• Login to Cloudflare
• Go to “Firewall”
• Click the “Firewall Rules” tab
• Click “Create a Firewall rule”
• Name the rule under “Rule Name”
• Set the “Field” under “When incoming requests match…” to “IP Address”
• Enter your site’s IP address under “Value”
• At the bottom, under “Then…Choose an action” change “Block” to “Allow”
• Click “Deploy

Once you have added your site to the Cloudflare Whitelist, head back over to your site and attempt another scan.

Let me know how you get on!

Peter.

Hello Peter.

I just added the firewall rule and I included the 3 Ip’s that are used by my server.

I included all these IPs —> https://ibb.co/ZzqdSTs (screenshot)

I purged every cache available. But still nothing. To be honest I don’t think that was the issue because my WordFence scans were just fine for months without these rules.

Something else is the problem but I really can’t understand what’s going on…

Can we solve this somehow?

Jim.

I even contacted my host and they checked if they have blocked any of WordFence’s IPs.

They said that they are not blocking WordFence’s IPs.

I also tried START SCANS REMOTELY but it doesn’t work either.

It’s weird. I clicked on “Pause Cloudflare on Site” and the problem was gone.

Then I re-enabled Cloudflare on Site and the problem came back…

I added the rule you told me… I dont know what’s causing this…

• This reply was modified 3 years, 7 months ago by Jim.

I found out what was causing the problem.

It was BOT FIGHT MODE under FIREWALL -> BOTS

If I disable it the scan run perfectly. But I want BOT FIGHT MODE enabled just to be safe…What can I do?

Why would Bot Fight mode block Wordfence? Its only supposed to challenge requests that match patterns of known bots, before they access your site…

Mybe you should fill this form so that cloudflare can whitelist your plugin:

https://support.cloudflare.com/hc/en-us/articles/360035387431-Frequently-asked-questions-about-Cloudflare-bot-products

https://docs.google.com/forms/d/e/1FAIpQLSdqYNuULEypMnp4i5pROSc-uP6x65Xub9svD27mb8JChA_-XA/viewform

UPDATE: Having disabled BOT FIGHT MODE now the Connectivity Ability to connect to the Wordfence servers and your own site is GREEN but the scans still not work…

What is going on?

I deactivated and reactivated WordFence and now the scan is working…
I dont know whats going on but now its working and the main problem was BOT FIGHT MODE as I mentioned above.

Again, do you have any idea how can I have BOT FIGHT MODE enabled without blocking WordFence?

Have tested today also as my Scan still fail. Deactivated CF Bot Fight Mode, disabled / enbaled wordfence again, no change. whitelisted all WF IPs under Cloudflare + WebSrv IP.., no change

Complete Paused Cloudflare, scan runs fine!

Would also like to know how to get WF Scan run with CF enabled..
br

Hi @releasejim, thanks so much for all your detailed information and trying a variety of options.

“Bot fight mode” is new to me personally, and I’ve not dealt with this during the resolution to a Cloudflare/Wordfence issue before. However, one of our developers recently dealt with it in relation to breaking cron jobs. As Wordfence scans tend to trigger through a cron, it could be the reason why this mode is causing things to break on your site but we could certainly look into it further.

Thank-you for providing the Cloudflare bot verification form. As “bot fight mode” is a Cloudflare option, it might be worth reaching out to your host’s support channel about whether they’ve experienced either cron jobs or parts of WordPress/PHP breaking as part of having this mode enabled and what the resolution has been.

I have seen Securi recommend to turn this mode off (also called “Bot Report”?), perform a scan, then re-enable it afterwards. This would mean that your Wordfence scans would have to be manual, so not an ideal scenario but the problem appears to be caused by this setting and not Wordfence.

Peter.

Hi @wfpeter,

I got the scans now working with CF and Bot Fight Mode enabled.

Under CF Firewall Rules I created:

IP Source Address is in 69.46.36.0/27 + the other WF Ips

Under CF Firewall Tools I added as well the IPs. Just there is the Problem that 69.46.36.0/27 to whitelist is not allowed, so I had to create each IP separate from 69.46.36.1 – .28

Just one question to the WF-IPs: If I dont use WF-Central, should the 69.46.36.0/27 IP-range be sufficient for scanning and WF Communication, or do I really need all the other WF-IPs?

Thx

br

Thanks, @sallyruchman this worked like a charm!

AT LAST!