wfscott

Hello @makhay,

Thanks for reporting this. We are aware of the issue and will be finding a fix to this as soon as we can.

-Scott

Hello @chrislewis000,

Could you confirm for me the permissions of the wp-content/wflogs folder? Also, if you could take a look at the permissions of the files in that folder, and let me know what the general pattern is there.

What are the permissions on your root folder where the wp-admin, wp-content, etc resides?

-Scott

Hello @ehudson3,

Sorry for the issues you’re having.

Could you please send me over your diagnostics from Wordfence > Tools > Diagnostics > Send report by email to scottm [at] wordfence [dot] com

Please include your forum username in that second box below the email address. I’ll be happy to look into this for you.

-Scott

Hello @irongenetics96,

It looks like your subdomain installation is not a child of the first installation — so in this case with the layout you described, you seem to be ok to enable the firewalls in no particular order.

As long as both installations seem to be functioning properly, there shouldn’t be anything to watch out for in regards to this, from what I can see.

Feel free to let us know if you need any help.

-Scott

Hi @zwazo,

Unfortunately a few users experienced problems with auto update in our last release. The issue was caused by some files not being properly deleted on the server during the reinstall. We’re on it and will be adding some new code that should prevent this from happening in the future.

As you alluded to, deleting the “wordfence” folder in wp-content/plugins and reinstalling from the WordPress plugins page should clear things up. All your data is saved in the database so settings will be intact.

Thanks for reaching out, and feel free to let me know if you need any help.

-Scott

Anytime, and sorry for the inconvenience.

-Scott

Hello @jmhemadri

Thanks for reaching out. It looks like the Wordfence automatic update failed.

Can you please follow these instructions:

*Log in to your site via FTP/SSH or any file browser your web host may be providing.
*Locate the folder “wordfence” in /wp-content/plugins
*Delete the /wordfence folder
*Go to WordPress Plugins page and install Wordfence. Activate (the new) Wordfence.

When you reinstall and activate Wordfence, your previous settings will still be intact (as long as ‘Delete all wordfence tables and data’ on the Dashboard > Global Options page in the General Wordfence Options section is not checked. If that box is checked, you will lose all your settings.)

Let me know if this solves your issue

-Scott

Hey @daftshadow,

You should be receiving protection from Wordfence if everything looks good on your end in the diagnostics (Wordfence > Tools > Diagnostics). However, I believe WP Engine actively scans for plugins which are disallowed by their service, which may eventually result in the removal of the plugin from your server.

-Scott

Hello @ionna,

In my personal tests, blocking an email address has no effect. From what I saw, you will need to block specific usernames in order to get results. (I.e. real.name rather than [email protected])

If you were to block “real.name”, you would block out any potential attacker who tries to login using that string.

In any event, I believe that you would be safe in the scenario that you mentioned if you were to setup rules how you described, however, it seems you will only get results from the usernames.

Let me know if you need anything else!

-Scott

@daftshadow,

I apologize for the delayed response. Unfortunately, WP Engine does not currently support the Wordfence plugin.

We have been working with them on this issue and hope our plugin will be compatible with their service in the future.

Sorry for the inconvenience

-Scott

Hello @maximiwanow,

It seems as if some file paths changed in the move from one host to the other.

In the future, to avoid this issue, it is important to use the ‘Remove Extended Protection‘ option in (Wordfence > Firewall > All Firewall Options underneath Protection Level) before migrating hosts.

In this case, you will need to delete references to wordfence-waf in the .htaccess, .user.ini, and/or php.ini files.

You can search these files for “wordfence-waf”. These references will look like so:

php_value auto_prepend_file "/path_to_file/wordfence-waf.php"

auto_prepend_file = '/home/username/website.com/wordfence-waf.php'

After you remove those references of wordfence-waf from the files, you can go ahead and manually remove the wordfence-waf.php file.

You should then have access to your site, where you can then set up extended protection again via the firewall page.

-Scott

Hello @pollyleritae,

Could you please send me over a diagnostics report via (Wordfence > Tools > Diagnostics > Send report by email) to scottm [at] wordfence [dot] com

Please include your forum username in that second field and I’ll take a look for you!

Thanks

-Scott

Hello @trustinmercy773,

If I am understanding correctly, this is a regular multi-site setup through WordPress, correct? I’m just making sure you aren’t using the WP Multi Network plugin, which we do not support.

If you’re seeing Wordfence as an option in the network admin area, your network of sites should be protected.

Have you been able to see visits to the other sites (such as trustinmercy.world) via the Live Traffic tool? If so, that is a sign that those sites are being monitored and protected.

Let me know!

Thanks
-Scott

@kevs23,

In regards to downloading the files, Wordfence recommends downloading the .htaccess and/or .user.ini files incase you need to use them for a backup. If you do go through the optimization process, download the files when prompted and save them on your computer, just in case of an issue.

The default Wordfence offers very good protection. However, to tighten things up to cover you the best, there is just a little configuration that needs done to optimize the firewall. So if you don’t feel comfortable optimizing, and you aren’t currently experiencing any issues, you can leave it as-is and you’ll still be protected more so than you would be not having the plugin installed. It is just recommended to have the firewall optimized to give the highest amount of protection.

Just ask if you need anything!

-Scott

Hello @autorentaluganda,

We’ll be happy to take a look and see what might be causing your issue. Could I please get you to start a new separate topic with some information detailing the issue you’re having? Having the issues in their own separate topics helps us keep track of things better.

-Scott