wfalaa

Hi,

Wordfence is licensed under GPL licence. Regarding the additional libraries question, I don’t have a list for that now, but you can easily figure that out by searching for “.js” files or references in the plugin’s directory.

Thanks.

Hi @elraton14

Unfortunately, according to the information you provided us now, we also don’t know who installed Wordfence on your website and we can’t know that for sure.

What I suggest to do is to check the web server access log files and the database log files as well as they should have traces of the installation of the plugin files/tables. Also, think about other sites installed on your server that might be sharing the same database with different table prefixes?

I know it will be a long investigation process, you might need to hire a professional security analyst to track this down if you feel such inspection is needed.

Thanks.

Hi,

Are you still getting these errors? as it might be a temporary server connection error. If you still getting it, then check the “Connectivity” section in the diagnostics page (Wordfence > Tools > Diagnostics), if your website can’t connect to our servers, then you will have to contact your web host regarding this issue, perhaps they need whitelist our servers’ IPs:
https://www.wordfence.com/help/advanced/#servers-and-ip-range

Thanks.

Hi @olluxx

We have a detailed guide that should help you uninstalling the plugin without encountering this issue, please check it here.

Thanks.

Hi @velarie2112,

The permissions for these files should be 644 and 660 respectively.

I’m not really sure why Wordfence Firewall isn’t being detected by GoDaddy/Sucuri, it might have something related to the type of firewall we have implemented in Wordfence which is “Endpoint Firewall”, that runs on the actual server it is protecting. That means there is no way to bypass it over the internet in contrast to the other type of firewall which is “Cloud-based Firewall”, to learn more about the difference between these two types, check these articles:

– Why Choose An Endpoint Firewall Like Wordfence
– Endpoint vs Cloud Security: The Cloud WAF Bypass Problem
– Endpoint vs Cloud Security: The Cloud WAF User Identity Problem

Thanks.

Hi @danjde

This is most probably a theme or a plugin causing this issue, I suggest disabling all other installed plugins and reverting back to the default WordPress theme, then re-enabling the plugins/theme one by one to find out the culprit.

A very good way to do that on live website is to use “Health Check” plugin, as it has its own “Troubleshooting guide” that works only on the logged-in session, so you don’t worry about other users visiting your site.

Thanks.

Hi Teresa,

This might be a temporary server connection issue, are you still having this issue meanwhile when starting a new scan?

Thanks.

Hi @tmuikku

Most probably this is something you can enhance its performance from the server side, try asking your web host if they can optimize your database tables, especially this wp_wfConfig one.

Thanks.

Hi @kenw232

Sorry but I’m not sure I can fully understand the situation here, could you please elaborate in details what’s going on?

Thanks.

Hi @notanonymous

On some servers, we have seen that certain scripts might delete “wflogs” directory thinking of it as a potential threat (false positive), as a result the folder will be regenerated again, it might be that when it’s regenerated it will be owned by a different user than the user your web server is running on?

I suggest manually deleting this folder and recheck the generated copy to make sure it’s owned by the server user that has read/write permissions.

Thanks.

Hi Rafael,

Is the server running on LiteSpeed as well? did you try adding the LiteSpeed related code in “.htaccess” file as mentioned in the referenced thread?

Also, please send me a diagnostics and scan activity logs to “alaa [at] wordfence [dot] com”.

Thanks.

Hi @jefferisp7

There seem to be some server errors that aren’t related to Wordfence that might be causing the scan to fail, check this article that might help in resolving this issue, if it didn’t, then you will have to reach out to your web host to resolve these errors first.

Thanks.

Hi @moosewood

Yes, this can be changed in php.ini file. That’s the value you need to change to be exact max_execution_time, however, feel free to reach out to your web host asking them to change it for you if you don’t know how to do that.

Thanks.

Hi @davidecorizzo

This could be either a theme or a plugin conflict, a good way to narrow down this issue is to use “Health Check” plugin and enable “Troubleshooting mode“. The good thing about “Heath Check” plugin is that it’s developed by WordPress team and it only affects your logged in session so that other visitors won’t be affected.

Let me know how it goes,
Thanks.

Hi @beyoyo2

Please send a copy of this file “wordfence/vendor/wordfence/wf-waf/src/lib/storage/file.php” to “alaa [at] wordfence [dot] com”, our team would like to investigate that copy on your site.

Thanks.