Wordfence blocking all users when WAF is triggered (sometimes)

  • Resolved Oli

    (@oliverjdb)


    2 years, 11 months ago

    On average, several times per day, my website looks like this: https://share.getcloudapp.com/YEurkZlA everyone gets 403 forbidden.

    This time around I was able to see what happened at the time the block was triggered, here are the events: https://share.getcloudapp.com/NQuNloqq

    I don’t understand why all traffic appears to be being blocked when only a certain visit triggered the firewall. In this example, my Uptimerobot tracker was blocked (despite me having checked to allow it) and myself, when I visit from Australia, am blocked – yet the offending traffic was from Korea.

    What can I do to stop this behaviour?

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Support wfphil

    (@wfphil)

    Hi @oliverjdb

    The Live Traffic page feed hits shown wouldn’t generate the block page that you provided a screenshot for.

    If you notice on the block page there is a 24-minute time difference in the timestamps at the bottom of the page. If your computer’s time is correct then this indicates a broken or misconfigured caching plugin serving cached copies of block pages when it shouldn’t be doing that.

    Are you using a caching plugin or server-side caching?

    Thread Starter Oli

    (@oliverjdb)

    Yes both:

    Cache Enabler + Autoptimise

    Cloudflare

    Where do you think the issue lies?

    Plugin Support wfphil

    (@wfphil)

    Hi @oliverjdb

    Thank you for the update.

    It shouldn’t be Cloudflare or Autoptimise as I haven’t seen caching problems with those before.

    Have you tested deactivating the Cache Enabler plugin?

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Wordfence blocking all users when WAF is triggered (sometimes)’ is closed to new replies.