wfjanet

Hi @vlkor,

Thank you for reaching out to us.

At this time, you cannot customize Wordfence’s block pages which explains why UTF-8 is not defined on the blocking page.

We have a development case open at the moment to introduce this functionality along with the wider customization of Wordfence emails and error page content. However, I am unable to comment on the exact delivery timelines here on the forums.

I hope this helps you out.

Thanks,
Janet

Hi @giuseppe2016,

Thank you for reaching out to us. I’m sorry to hear that you were unable to access your site.

If 2FA is still not working, please follow the steps below:

• Please use FTP/SFTP — or any file manager your web host provides via their administration panel.
• Look inside the /wp-content/plugins/ directory and rename the wordfence directory to wordfence.bak. This will deactivate Wordfence and allow you to log in without the 2FA code.
• Once you have logged in to your WordPress admin you can name the folder back to wordfence again.
• Go to your user profile and add 2FA back to your account. You can consider using a different Authenticator app like Google Authenticator or any of the apps listed in our article on Two-factor authentication.

If you would like to remove Wordfence from your site, please follow the steps detailed in our article on Removing or resetting Wordfence.

Let me know in case you need any further assistance.

Thanks,
Janet

Hi @johnwsm,

Thank you for reaching out to us.

On the free version of Wordfence, a quick scan runs every day, and a full scan runs every 72 hours. The quick scan checks for WPScan vulnerabilities and repository versions, but an updated repository status against your installed plugin list will not refresh until the next full scan is run manually or automatically. To get notified of file changes, ensure you check Scan core files against repository version for changes under General Options>Scan Options.

There are two options to enable notifications in Wordfence:

• Dashboard Notifications: These options allow you to select which types of notifications appear on the Wordfence “Dashboard” page. Ensure that you have enabled Scan results notifications for notifications on file changes. These can be configured under Global Options > General Wordfence Options > Dashboard Notification Options
• Email Alert Preferences: Wordfence sends email alerts on certain events if you have enabled the alerts in this section. The alerts are sent to the email address provided under Global Options>General Wordfence Options > Where to email alerts. The notification preferences can be configured by navigating to Global Options>General Wordfence Options > Email Alert Preferences.

Please check out this video on Tuning Wordfence Alerts for further guidance.

Thanks,
Janet

Hi

I’m glad Google Authenticator worked for you. I’m not sure what could be causing the issue between Authy and Wordfence.

Could try adjusting the timezone on the website to EDT instead of PDT to match your phone and test to see whether Authy works? If it doesn’t work, please try the troubleshooting steps below:

• Install any pending phone or tablet operating system updates.
• ?Make sure the authentication application is using the latest version.
• Remove the entry for Wordfence in the authentication application.
• Turn your phone or tablet fully off and on again.
• Reload the Login Security >> Two-Factor Authentication page again to create a new QR code.
• ?Try to set up 2FA again.

Let me know how it goes.

Thanks,

Janet

Hi @ellmanncreative,

Thank you for reaching out to us. This could happen when Login Security Tables are frozen or crashed. Please try the options below:

Try disabling Wordfence and enabling it again. This may restart the table. If this doesn’t work, try option two below.

If you do not have many users on the site, I suggest clearing the tables and having them rebuilt by doing the following:

• Navigate to Wordfence > Login Security > Settings
• Enable the option Delete Login Security tables and data on deactivation
• Deactivate and Activate Wordfence

Once done, please set up any 2FAs that had been set up previously but then you can test the 30 days option.

Please note that this option will only remember the device you’re on when you log into your account. For example, if you log into your site with 2FA using your laptop, then your laptop will not need the 2FA anymore for 30 days if your IP doesn’t change.
Let me know how it goes.

Thanks,
Janet

Hi @joshivince,

Thank you for sending this through. I couldn’t find any errors that could be causing the issue.

For further troubleshooting, enable Wordfence, and switch the firewall from Learning Mode to Enabled and Protecting in Wordfence > Firewall > All Firewall Options. Refresh the page and be sure Wordfence is staying in Enabled and Protecting. After that, confirm if the redirect issue is occurring or not.

If the issue is still occurring, keep Wordfence enabled and try switching to a default theme and see if the issue persists. If the issue does keep occurring, make sure that the redirects are pointing to an https link and not http. Since your site is on https, any redirects that point to the https:// version of the site could potentially result in a redirect issue.

If none of the above work, check Live Traffic to see if any new entries come up while testing the redirects functionality. Make sure it is set to the All Traffic logging mode under Wordfence >Tools > Live Traffic > Live Traffic Options and send over updated error logs from Wordfence > Tools > Diagnostics > Log Files to [email protected] with your forum username as the subject.

Looking forward to hearing from you.

Thanks,
Janet.

Hi @macscr,

Sorry for the double responses.

If you’re running Wordfence on a site where the wp-content directory is not writable, you can change the default path to a path that is writable by defining a constant in wordfence-waf.php. With the firewall set up with “Extended Protection” (using .htaccess or .user.ini), modify the line below in wordfence-waf.php, and change the path to a safe and writable location:

define(“WFWAF_LOG_PATH”, ‘/var/www/html/wp-content/wflogs/’);

Please try this in case the solution provided above didn’t solve your issue.

Thanks,

Janet

Hi

Try enabling the option “Start all scans remotely” found in the “Debugging Options” section at the bottom of the “Diagnostics” tab on the Wordfence “Tools” page. If the scan still fails, please do the following for me:

• Go to the Wordfence > Tools > Diagnostics page
• In the “Debugging Options” section check the circle “Enable debugging mode”
• Click to “Save Changes”.
• CANCEL any current scan and start a NEW scan
• Copy the last 20 lines from the Log (click the “Show Log” link) or so of the activity log once the scan finishes and paste them in this post.

Wordfence > Tools > Diagnostic > Debugging Screenshot

This will help me see exactly what is happening when the scan fails.

On the IP address, I’d recommend that you add the second IP address – 64.252.87.124 to the Trusted Proxies. To do this, go to Wordfence > All Options > General Wordfence Options >How does Wordfence get IPs and click on the text link +Edit trusted proxies to add the IP address. I also noticed that this IP is different from the one on the diagnostic file so there is a possibility that it changes regularly. Confirm this with your host so that you can add all the IP addresses.

Let me know if you have any questions.

Thanks,

Janet

Hi @wpwpwpw987234,

Thank you for reaching out to us and for sharing the detailed troubleshooting steps you have taken so far.

Please try the suggestions below:

• Use a different Authenticator app like Google Authenticator or any of the apps listed in our article on Two-factor authentication.
• Use a different browser to enable 2FA, as there could be an extension or cache causing the issue.

If none of the above options work, please send a diagnostic report to wftest @ wordfence . com. You can find the link to do so at the top of the Wordfence > Tools > Diagnostics page. Then click on “Send Report by Email”. Please add your forum username where indicated and respond here after you have sent it.

NOTE:It should look as follows – Screenshot of Tools > Diagnostic > Send by Email

Looking forward to hearing from you.

Thanks,
Janet

Hi

Thank you for reaching out to us and for sharing the screenshot.

By default, a Wordfence scan looks at the following: wp-admin, wp-content, wp-includes, all subdirectories of those directories – all files in your base WordPress directory.

The option to “Scan files outside your WordPress installation” is not currently enabled in your configuration which explains the Path Skipped issue you’re having. When you enable this option, it scans all subdirectories of your WordPress installation, even if they aren’t part of WordPress.

If you would like to enable this option, please click on GO TO OPTION on the bottom left of the screenshot you shared and enable it. Otherwise, click on MARK AS FIXED.

I hope this is helpful. In case you have any further questions, please feel free to reach out to us.

Thanks,
Janet

Hi @salpilk,

Thank you for reaching out to us.

This issue normally occurs when Wordfence has an issue writing data to the wflogs folder. This can be caused by corrupt files or the hosting environment has run out of allowed space or the file is not available/permitted to be written to.

As for your question on permissions, they should be set to 755 for the WordPress site’s directories – this includes the wflogs folder and the process owner should be set to www-data if needed for your setup.

If the issue persists, you can bypass the need to write to these files entirely by setting Wordfence to use the MySQLi storage engine instead: https://www.wordfence.com/help/firewall/mysqli-storage-engine/

Please get back to us in case the above doesn’t solve your issue.

Thanks,

Janet.

Hi

Thank you for reaching out to us.

This error indicates that more memory needs to be allocated to PHP. PHP memory is cumulative meaning that the amount set in php.ini is shared between all plugins, themes, WordPress, and any other non-WordPress apps installed in the site folder. Normally, changing the Memory Limit in the php.ini file to 256M solves this problem but you already have this covered. Please see the recommendations below:

• Upgrade to PHP 7 or above since it introduced better memory handling.
• On your wp-config.php file, look for the wp_memory_limit and update it to 256M define(‘WP_MEMORY_LIMIT’, ‘256M’);
• Adjust the Wordfence performance options to the recommended settings.
• Adjust the max_execution_time to 60. Sometimes, having a long execution time may cause the scan to timeout.

If the issue still persists, please contact your site administrator or hosting provider and work with them to determine what is causing this issue since memory exhaustion may be occurring outside of PHP somewhere on the server.

Thanks,

Janet

Hi @ghina1,

Thank you for sending this through. Everything looks good on the diagnostic report.

I suspect this could be a false positive issue that can be resolved by switching the firewall to Learning Mode. Sometimes, WordPress plugins or themes may exhibit behavior that resembles known attack patterns which results in the Wordfence Firewall blocking something that is not malicious.

From the Wordfence Dashboard click on Manage WAF. Then you will see Basic Firewall Options > Web Application Firewall Status. Change the option to Learning Mode. Now proceed to confirm whether you still experience these issues. This will help Wordfence learn that these actions are normal and it will allow them in the future. Once done, switch the WAF from Learning Mode back to Enabled and Protecting then test to see that you are getting the same errors.

I also noticed that more than one IP addresses are in use for the “X-Forwarded-For” value on the diagnostic file. It would be great to confirm that Wordfence is detecting visitor IPs correctly. To confirm, navigate to Wordfence > Tools > Diagnostics > IP Detection and confirm that it displays the IP address shown on https://whatsmyip.com/.

Please let me know what you find.

Thanks,
Janet.

Hi @macscr,

Thank you for reaching out to us.

You can bypass the need to write to these files entirely by setting Wordfence to use the MySQLi storage engine instead: https://www.wordfence.com/help/firewall/mysqli-storage-engine/

Please get back to us in case the above doesn’t solve your issue.

Thanks,
Janet

Hi @nige-mcilwaine,

Thank you for reaching out to us.

You’re right, if you would like to delete the whole folder, FTP is the best way to go about it. Always make sure to do a backup of your site before deleting anything.

For me to better identify the possible problem and advise on the best way to proceed, please copy/paste one of the scan results here to see what the reasoning for the file(s) being flagged is. You can either paste it here with sensitive information removed or take a screenshot and obscure any personal details with a service like Snipboard – then paste the link in your response.

Looking forward to hearing from you.

Thanks,
Janet