Wordfence Security
Forum Replies Created
Thanks. Our systems may have taken a few hours to refresh after that plugin was reintroduced. Is this still a problem?
Regards,
Mark.
Hi,
Please see our help page on troubleshooting connection issues with Central for a variety of configurations.
https://www.wordfence.com/help/central/connect/#troubleshooting-connection-issues
Regards,
Mark.
Please ask them to be more specific. It’s their plugin so they should know what is being blocked. Once we know, we can unblock it, if it is indeed something caused by Wordfence.
Thanks,
Mark.
Wordfence has quite a few scan options, some of which are not enabled by default. Check out this page: https://www.wordfence.com/help/scan/options/
It contains a detailed description of each of the scan options. You can try enabling everything. It may take a bit longer to scan, but you may have more success finding the infection.
Regards,
Mark.
What do you mean by crash? Does the server segfault? Did you get a 500 internal server error? A whitescreen?
Is there anything in the error log if it’s a 500? Or the syslog if it’s a segfault?
Thanks.
Hi,
You can find our documentation on optimizing the firewall here: https://www.wordfence.com/help/firewall/optimizing-the-firewall/
If you still have an issue please let us know and one of our team will reply asap.
Regards,
Mark.
Hi Kevin,
It should be noc1.wordfence.com, noc3.wordfence.com and noc4.wordfence.com.
Regards,
Mark.
Sounds like a corrupt installation. Can you do a full uninstall of Wordfence and reinstall? You can find instructions here:
https://www.wordfence.com/help/advanced/remove-or-reset/
Regards,
Mark.
Looks like a DB error. Is there anything non-standard about your database setup? Are you running a Windows server?
The query appears to be a ‘Show full columns from’ query so does your DB user have permissions to perform a ‘show columns’ query?
I’m filling in for our support team today. Wanted to get you a reply quickly. If you can get that data and reply here, the team will be able to help when they get to your post.
Thanks,
Mark.
Forum: Requests and Feedback
In reply to: Stop Allowing User Enumeration
It’s probably more than 10 lines of code because the general philosophy has been it’s ok to leak usernames. So consider over 50,000 plugins and 000s of themes that may include leaks and need fixing. If the philosophy changes, then researchers get to open CVEs on a ton of code because it’s now considered ‘insecure’ compared to core.
Forum: Requests and Feedback
In reply to: Stop Allowing User Enumeration
Agreed. Just an FYI that our team changed our position on this a while back and are still working to update documentation and product. I’m mentioning it in case you cite our research.
Better to spend energy on securing the authentication process through strong passwords and 2 factor authentication.
Mark.
Forum: Fixing WordPress
In reply to: admin-ajax.php vulnerability? I got hacked!
The GDPR plugin is an exploit via admin-ajax.php so your logs indicate this _may_ be the vector. But they are post requests so we can’t see the payload.
More info here: https://www.wordfence.com/blog/2018/11/privilege-escalation-flaw-in-wp-gdpr-compliance-plugin-exploited-in-the-wild/
Hi Bill. Just want you to know the team is chatting about this internally and a reply will be forthcoming.
Also it looks like you’re not using the full hash but just a few bytes. That would potentially cause collisions.
Marking as resolved.