Scott Dayman

It’s possible that something like https://managewp.com will do it, but for a price.

2600:3c00::f03c:91ff:fe73:b736 is an IPv6 address (longer format with more digits and hex)
10.145.150.160 is an IPv4 address.

Wordfence plain won’t work with IPv6 enabled, hence the error message that “…can’t operate”

Yeah, I get that, too. I use Cloudflare and have a bypass domain to view/edit my site. If I visit “cloudflaredirect.example.com”, it’ll trigger that DNS warning. I can see that your warnings show blog1 and www, which is similar to what triggers mine.

Following a WordFence suggestion from some other post, I’ve turned off the DNS scan.

On the Performance Settings page, there’s a checkbox to enable HTML code in the footer.

It’s not always a threat, but I do go with WordFence’s recommendations and restore the original file.

Wordfence doesn’t support IPv6. Disable IPv6 for your website. This is usually done via your cPanel, or whatever your host provider uses for a control panel.

They’re not Blocked IPs (from accessing the site). They’re Locked out from Login (the second tab on that screen).

How do you know admin,Admin isn’t getting locked out? If you’re testing from home, is your IP address whitelisted to bypass all rules?

I don’t think they stopped the alerts, but just fixed the blank usernames so they now reflect the actual attempted username. The ” (blank) entries have stopped on my sites and am back to ‘admin’ and others.

I know I’ve gotten this to work for xmlrpc.php, but have since removed the block. Are people accessing your site as https://www.example.com, or without the www? (example.com)

Your entry looks like what I did, but my site doesn’t include “www.” Since my memory’s a bit fuzzy, I may have just used “/xmlrpc.php”

I have mod_cloudflare on my server, but the plugin offers a little bit more:

Description
The CloudFlare WordPress Plugin ensures your WordPress blog is running optimally on the CloudFlare platform.

CloudFlare has developed a plugin for WordPress. By using the CloudFlare WordPress Plugin, you receive:

Correct IP Address information for comments posted to your site
Optimization of your server database
Better protection as spammers from your WordPress blog get reported to CloudFlare
Things you need to know
The main purpose of this plugin is to ensure you have no change to your originating IPs when using CloudFlare. Since CloudFlare acts a reverse proxy, connecting IPs now come from CloudFlare’s range. This plugin will ensure you can continue to see the originating IP.

This plugin can also help to ensure your server database is running optimally. If you are going to run the Database Optimizer associated with this plugin, then run it at a low traffic time. While the database optimizer is running, your site will go into Read Only mode, which means that you or your visitors will not be allowed to post. The optimizer should run quickly. Once the optimizer is done running, you will be able to post to your site again.

Every time you click the ‘spam’ button on your blog, this threat information is sent to CloudFlare to ensure you are constantly getting the best site protection.

We recommend that any user on WordPress and CloudFlare should use this plugin.

I use CloudFlare. All my sites route through CloudFlare, and CloudFlare has a single set of blocking rules. If I block an IP address at CloudFlare, it blocks them from all sites.

It’s not as slick as Advanced Blocking, but it’s the easiest option for my situation.

Wordfence cache happens after the firewall. If the firewall lets someone through, they’re served a cached version of the page.

Justin, while I understand your pay-for-support approach, my issue regarding submenus on the iPad looks more like a bug. Submenus work in other themes. Are you saying it’s not a bug? Or do I have to pay $25 to report a bug?

Does it happen all the time? It *usually* works for me, so when I get the cron key error, I kill the scan, then manually start it.

This is their suggestion:
https://support.wordfence.com/support/solutions/articles/1000011129-my-scans-don-t-finish-what-can-i

I posted this problem a couple of weeks ago. No response from Wordfence. It appears there’s nothing you can do other than kill the running scan and then start a new one.