Scott Dayman

#1 No. I use Cloudflare. When Cloudflare needs to refresh its cache, it pulls from your Wordfenced site, just like a regular user.

#2 What’s there won’t conflict, but personally I’d take it out. Cloudflare does a good enough job for me in setting cache times. My htaccess doesn’t have sections for deflate, .ico, and cache-control.

#3 They did what I pretty much did: block access to xmlrpc for all. I’m not sure what the point of the 403 section is since it allows access for all.

I believe they need to be separate.

Try adding a cache exclusion on the Performance Setup page. I don’t use this feature, but I’d try:
URL Exactly Matches /

The process hung. Kill it and try again.

I ran that scan on my site and it didn’t flag my jquery-migrate.min, which is also 1.2.1.

Since nobody’s answered, try a do-over:
Go to Wordfence options and click the box to turn on “Delete Wordfence tables and data on deactivation?”
Deactivate the plugin.
Delete the plugin.

Re-install.

I don’t use Live Traffic, but I do have my update interval set to 60. I think it also affects the scan windows.

Upping your interval should also reduce the load on your server.

That’s par for the course. They’ll probably eventually give up. One way or another they’ll be hitting your site. You can check your server logs to see if they’re using a particular bogus user agent you can block.

I have multiple sites on Cloudflare. Cloudflare would periodically change the IP address of *one* of the sites. Each time, Wordfence would alert me, so I’d check Cloudflare’s IP address range list and find it to be legitimate. So I’d click the “I know about this change” and the alert would go away. You shouldn’t have to click either of your bracketed links, as they’re a global CLEAR. I clear one issue at a time when they pop up.

Now to be safe, check the Ignored Issues tab to see if there’s anything there.

Go ahead and leave the scan option on if you don’t mind the DNS alerts.

I wouldn’t run SuperCache at the same time as Worfence’s cache. Pick one.

I don’t use JetPack, but haven’t heard of any issues.

I use Cloudflare and it works well with Wordfence. Wordfence is pretty smart about its caching. When Cloudflare pulls data from your site, Wordfence will deliver up-to-date pages.

Ah, I see. You think Wordfence is triggering something at your host provider that’s blocking you. That shouldn’t happen.

I’ve had my host completely block my home IP address over excessive SSH/SFTP connections. It clears up after an hour or so.

Hopefully your host can figure this out.

I have *one* WP install on a multi-site. It’s also a pretty limited site (more like a place-holder). For the *one* domain there, Wordfence is working. I’ve done *nothing* special to my multisite install or Wordfence.

I’m surprised that Wordfence would even work on a Multi-Site. When I access some other site with a slightly different ULR (www.example.com vs. example.com), Wordfence complains about the DNS. No telling what else it’s struggling with in that situation.

They say it can handle Multi-Site. Maybe someone else here actually has it running on Multi-Site with multiple domains.

Have you added your home IP address to the whitelist on the Options page?

Manually download the plugin and drop it in your plugins directory. Click OK to overwrite old plugin folder.

No. Does this happen frequently? Sounds like someone abusing your site and needs to be blocked.