Wordfence technical issues

  • Resolved Vanderlindemedia

    (@jvanderlinde)


    7 years, 10 months ago

    Hi there.

    I am using wordfence on more then 100+ websites. We have a very strange situation going on which envolves the security blocking part.

    In short: we have over 50+ wordpress sites we maintain from one location. All these wordpress sites have Wordfence with a limited configuration which taxes the website / server at minimum point and still preserve protection and so on.

    All these 50+ sites carry one and the same password, for the system on the other side, to POST messages by Xmlrpc.php. The thing is as following:

    Wordfence blocks the master site once in a while with a message “invalid login” while the password / user combo is correct. When this happens, after POST it gives the default wordfence blocked message. The moment i log in, and manually remove the blocked IP, everything is alright again.

    What causes this strange anomaly where wordfence blocks an incoming XML RPC request with legitimate user / pass? After unblock, the thing works just fine.

Viewing 4 replies - 1 through 4 (of 4 total)

  • Hi jvanderlinde,
    Wordfence doesn’t block login attempts with “invalid login” messages or something like that, so I’m not sure how exactly you know it’s Wordfence that blocked this attempt?
    If you have trouble to log in your WordPress Dashboard with the correct login credentials, then clearing the browser cookies/cache could help in this case.

    Thanks.

    Thread Starter Vanderlindemedia

    (@jvanderlinde)

    Hi Wfalaa,

    It is wordfence, since a blocked message by wordfence itself comes up. Wordfence blocks the server IP adress from where we are posting from. It’s not the user, not me, it’s just the server IP that gets blocked.

    When i dodge into blocking, it notes the server IP being blocked for logging in too many times with false password. We only use one password hard-stored in a config file on the master site before we post by using xml-rpc.

    When i unblock that IP adress, the posting works fine. That is the strange part. How in world can wordfence block something that does not login incorrectly?

    That’s really weird, if I understand you correctly, first you got “invalid login” message -even though the login credentials are correct- then you get the Wordfence blocking page which shows the reason for getting blocked is for exceeding the number of “login failures” set in the plugin’s options page? I bet that getting the server IP blocked can result in other problems, especially for the scan, it won’t complete in this case!

    Whitelisting the server IP address in “Whitelisted IP addresses that bypass all rules” should work as a treat.

    Thanks.

    Hello!

    I hope we were successful in helping you resolve your issue with Wordfence! Since we have not heard back from you in the past 2 weeks I will now be marking this support thread as resolved. However, if we still haven’t resolved your issue please reach out to us as we would be more than happy to further assist you!

    Thanks and have a great day!
    Chloe

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Wordfence technical issues’ is closed to new replies.