• Resolved born2excite

    (@born2excite)


    Hello.
    Can you please tell me if WordFence legitimately needs access to admin-ajax.php?

    I ask because Wordfence recently blocked 157 sustained attacks, all attempting to use admin-ajax.php, so I created a Firewall Rule on Cloudflare to challenge bots accessing admin-ajax.php.

    Then I noticed Firewall Rule events on Cloudflare where the rule was triggered but seemed to implicate WordFence. So, I’m wondering:

    1. does WordFence legitimately need access to admin-ajax.php
    2. should I remove the Firewall Rule on Cloudflare

    URLs that involve Wordfence / triggered the Firewall Rule events on Cloudflare:

    /wp-admin/admin-ajax.php?action=wordfence_testAjax

    and

    /wp-admin/admin-ajax.php?action=wordfence_doScan&isFork=0&scanMode=quick&cronKey=7a039edb6b941bd2e1fe24d2326bc7c3

    Thank you!
    Julian

Viewing 2 replies - 1 through 2 (of 2 total)
  • Hi Julian,

    Wordfence has an option to Start all scans remotely found under Tools -> Diagnostics -> Debugging Options.

    This will make Wordfence open a connection to https://example.com/wp-admin/admin-ajax.php in order to start the scan.

    The URLs you posted both relate to scans:

    admin-ajax.php?action=wordfence_testAjax -> seeing if Wordfence is able to access admin-ajax.php

    admin-ajax.php?action=wordfence_doScan -> actually start the scan

    So to answer your two questions:

    1. Yes, Wordfence does need to access admin-ajax.php in order to start scans remotely.

    2. You can keep the rule, but tweak it so that you and other administrators are not blocked by that rule. Note that some other WordPress plugins may use this file, so you may want to be on the lookout for other blocked connections from Cloudflare.

    Dave
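
An added example, not part of Dave's reply or Wordfence's own code: one way to triage the Cloudflare events before tweaking the rule, separating Wordfence's scan-start requests from other admin-ajax.php traffic. It assumes the scan-start connection arrives from the origin server's own outbound IP (placeholder 203.0.113.10) and that events are available as (client IP, URI) pairs; the sample events and the action name `some_plugin_action` are constructed.

```python
from collections import Counter, defaultdict
from urllib.parse import urlsplit, parse_qs

AJAX_PATH = "/wp-admin/admin-ajax.php"
# Assumption: outbound IP(s) of the WordPress origin server (documentation range).
ORIGIN_IPS = {"203.0.113.10"}

# Constructed sample events: (client IP, request URI) as seen in a firewall event log.
SAMPLE_EVENTS = [
    ("203.0.113.10", "/wp-admin/admin-ajax.php?action=wordfence_testAjax"),
    ("203.0.113.10", "/wp-admin/admin-ajax.php?action=wordfence_doScan&isFork=0&scanMode=quick&cronKey=PLACEHOLDER"),
    ("198.51.100.7", "/wp-admin/admin-ajax.php?action=wordfence_doScan&isFork=0&scanMode=quick&cronKey=PLACEHOLDER"),
    ("198.51.100.7", "/wp-admin/admin-ajax.php?action=some_plugin_action"),
    ("192.0.2.44", "/wp-admin/admin-ajax.php"),
    ("192.0.2.44", "/wp-login.php"),
]

def classify(ip, uri):
    """Return (category, action) for an admin-ajax.php request, else None."""
    parts = urlsplit(uri)
    if parts.path != AJAX_PATH:
        return None
    # Only the query string is inspected; an action sent in a POST body is not visible here.
    action = parse_qs(parts.query).get("action", ["(none)"])[0]
    if action.startswith("wordfence_"):
        # Same action name, different source: only the origin's own requests are expected.
        category = "loopback-wordfence" if ip in ORIGIN_IPS else "external-wordfence-action"
    else:
        category = "other"
    return category, action

def summarize(events):
    """Count actions per category so the rule exception can be scoped narrowly."""
    summary = defaultdict(Counter)
    for ip, uri in events:
        result = classify(ip, uri)
        if result:
            category, action = result
            summary[category][action] += 1
    return summary

if __name__ == "__main__":
    for category, actions in sorted(summarize(SAMPLE_EVENTS).items()):
        print(category, dict(actions))
```

Requests in the `loopback-wordfence` group are the candidates for an exception in the rule; the other two groups stay subject to the challenge.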

    Thread Starter born2excite

    (@born2excite)

    Hi Dave,

    BIG thanks for providing a detailed answer! Sorry for my late reply, I was waiting for a notification from WordPress about a reply but I never did get a notification. I discovered your reply after randomly checking myself.

    All the best,
    Julian

  • The topic ‘admin-ajax.php’ is closed to new replies.