WFSupport

I wouldn’t call 231 1 star reviews out of 3,530 5 star reviews over almost 11 years an issue. These are all read by our staff and we try to make changes where appropriate so others don’t have the same experience the 1 star reviewer had. In your case the removal process is well documented. When you deactivate the plugin it even asks if you would like to remove everything so it knows what to keep (if you just want to reinstall but keep all the settings, for example). We did respond to you and will continue to do so in the support forums. Hopefully you’ll follow Peter’s instructions in your forum post and be able to solve your issue.

Mia

Thanks for sharing your thoughts about Wordfence.

I see you opened a support post around 11pm est and then 7 minutes later left a negative review. While I am sure that your issue is important to you I’d remind you that support in the www.remarpro.com forums is voluntary and not offered 24/7/365 days a year. We do our best to answer everyone’s questions and have paid and trained staff here to help, but it is not reasonable to expect instant support in the middle of the night for a free plugin. Please be patient for any plugin support on www.remarpro.com and allow a plugin team or other community member time to help. I do see that Pete answered you about 2 hours ago (around 3 hours before our posted business hours!) and pointed you to the instructions on how to remove the plugin in our online documentation.

Getting to the crux of the issue, that site visitors are being blocked, Wordfence default settings are pretty lenient. For example, the default brute force settings allow 20 attempts at logging in before an IP is blocked. That’s so that when you install the plugin it won’t immediately block you if there is a problem. If those settings were changed from the defaults they were changed by either you or your dev from Fiverr. If a dev installs something on the site you should definitely ask them to walk you through how to use it before signing off that the work is done.

One last thing I thought I would mention. There are some good developers on Fiverr but there are also a lot of developers there that are less than reputable. These developers will sometimes offer to install a Premium version of a plugin like Wordfence for an additional cost and often at a cost that is less than the License cost on Wordfence.com (currently $119 per license per year). This is what is often referred to as a ‘nulled’ plugin. Not only will these plugins not work correctly (because they can’t validate with our servers to get scan signatures and firewall rules) but often they contain malicious code that allows hackers to compromise the site. This may not be the case for you but I wanted to make sure and warn you just in case it was, as well as mention it in case anyone else found this review in a Google search.

Please follow the steps in the link Pete sent you and, if you choose to reinstall Wordfence, make sure and check the documentation before you change any settings that you don’t understand. If however, you choose to go with another security provider, we wish you well in your experience there.

Mia

Can you send the diagnostics page to wftest [at] wordfence [dot] com? Make sure and add your forum username (@pete468) where indicated. Reply here to let us know it has been sent.

Mia

Try checking the PHP memory_limit variable and increasing that if necessary. Anything less than 256M is probably going to be sluggish. If you do increase it make sure that the max_execution_ time variable is set between 30 and 90.

Mia

Thanks for reaching out.

Can you try a new scan and see if the error persists?

Mia

You might have to try reinstalling Wordfence. You can use the same license you were issued before. When you choose to deactivate the plugin you should see a pop up that asked what you want to delete. Delete all tables and data. Then when you reactivate Wordfence it should set the tables back up that it needs.

We can’t offer support for your database question but someone else in the community might be able to. Windows isn’t officially supported.

Mia

Thanks for reaching out.

I thought I’d address your comments about changing the admin URL, which could be the problem.

Changing the login URL is a feature we do not include in Wordfence. Though it is something that many people swear by and can help a little in certain situations it’s ultimately not very beneficial. These are the reasons why:

1. Changing WordPress URLs involves a risk of breaking functionality of WordPress themes and plugins.
   For example, WordPress JavaScript XMLHttpRequest object (AJAX) functions are triggered via admin-ajax.php which is located in wp-admin folder. Changing /wp-admin is a URL but it is also a folder path. We have seen plugins that change the admin URL break this functionality unintentionally, but it causes confusion as to what happened, what went wrong, and what was to blame..
2. Changing the URL makes us feel more secure but it does not actually make the site more secure.
   It is what many security analysts refer to as “security through obscurity”. It’s like boarding up the front door of your home to protect yourself against a burglary. Someone looking for a quick break in may be deterred, but any seasoned thief is just going to go look for another door or window to get in. Any serious attacker can and will anticipate this and look for other ways in too.
3. Over half of all login attempts that are made on WordPress sites are made via xmlrpc.php.
   Those will not be stopped by changing your admin URL. Our Wordfence Login Security and Wordfence plugins offer the option to block XMLRPC or at least require 2FA with authentication requests using XMLRPC on the Login Security > Settings page.

Additionally, if you change the wp-admin or wp-login URLs you also lose visibility on who is attempting to log in to your site and when they are doing it since we’re not looking for logins on a random URL that you created.

What we recommend as a means of reducing login attempts is using the Brute Force Protection settings and by blocking XMLRPC like I mentioned before. Also using the 2FA functionality we give you for free in Wordfence and Wordfence Login Security will greatly reduce the risk of a compromise.

Try naming /wp-admin back and see if that helps the scans.

Mia

That’s the first time I;ve ever heard of that. Who did you talk to that said that Wordfence wasn’t compatible with the Newspaper theme?

Also, if you have a Premium license you can reach out to us in Premium support. Login to your account on Wordfence.com and click the Get Help button on the Licenses page.

Mia

Thanks for reaching out.

?I suspect because this messaging has been added in WordPress 6.1.1. It would be prudent to add that this is not a Wordfence specific issue. It can happen with any plugin or theme (see this search for reference). If the job mentioned does not appear in your list of cron jobs any more, things should be fine so long as your scans are completing. This particular cron job mentioned just watches a running scan to ensure the scan finishes, and it does not need to be rescheduled when it ends. This looks like it could be caused by a race condition where two hits occurring at the same time are both trying to update cron jobs, which has been a long-standing issue in WordPress. It’s likely that one of the hits succeeded, and this error is the result of the second. Check to see if subsequent automatic scans are completing. If they are, you can likely ignore this error. If not you may have to set up manual crons. Most hosting companies have specific instructions on how to do this so googling the hosting company name and ‘wordpress manual cron’ will likely get you the instructions to do this.

Mia

Sorry but I forgot to answer about the other error.
[21-Jun-2023 15:07:27 UTC] PHP Fatal error:? Unknown: Failed opening required ‘/home/bowenthe/lingregory.com/wordfence-waf.php’ (include_path=’.:/opt/cpanel/ea-php55/root/usr/share/pear’) in Unknown on line 0
This error usually happens after a site is migrated to a new file location or hosting company. The firewall is optimized using the PHP auto_prepend_file variable which needs the path to the wordfence-waf.php file. You can check .user.ini or php.ini (whichever you use) in the root of the site. the code will be similar to this
; Wordfence WAF
auto_prepend_file = ‘//home/bowenthe/lingregory.com/wordfence-waf.php’
; END Wordfence WAF
Remove that code completely. Then you’ll need to optimize the firewall again on the Wordfence > Firewall > Manage WAF page.

Mia

Deleting the wflog folder won’t affect the memory limit error. The error means that there isn’t enough memory allocated to PHP for everything you have going on with the site. That memory is cumulative so all your plugins, your theme, WordPress, and any other PHP apps you have running share it. If it isn’t enough this PHP error occurs. The file path involved in the error is just the final process to run when it crashed. In this case you can add it in php.ini or .user.ini depending on your hosting setup. 256M is usually what I see most sites set to but if you have a larger site setting it to 512M isn’t out of the question. You might also check that the max_execution_time PHP variable is set somewhere between 30 and 90 to prevent hung scripts from taking forever to die.

NOTE: Some hosts may have this configured to not allow users to set a higher value for memory_limit locally, so you will have to contact your host to increase your memory allocation.

Mia

Did you try changing the permissions of the file? WordPress recommends 644 but depending on file ownership, you may need to set the permissions to allow group write (664).

Mia

Are you positive it is the REST API? I would think it would be the option to Require 2FA for XML-RPC call authentication on the Wordfence > Login Security > Settings page. Try setting that to “Skipped” and unchecking Disable XML-RPC authentication.

Mia

Can you try resetting the permalinks to the default option then setting them back to the way you want them?

Mia

I can’t see anything there that looks like it would make scans take longer. Can you send a diagnostics report to wftest [at] wordfence [dot] com and reply heere once it is sent? Make sure and include your forum username where indicated.

Mia