Why are these Defender icons displaying on my TOTP login page? See screencap below…

https://renemichaels.com/tempfiles/Defender-Screenshot-2024-11-15%20111359.jpg

Failure to enable two-factor authentication

Hello,

For the past couple of weeks, I’ve been experiencing an issue where scheduled Cron Events on my WordPress site are not executing as expected. After thorough troubleshooting, including disabling all plugins and re-enabling them one by one, I’ve narrowed down the problem to the Defender plugin. It seems that Defender is interfering with Cron events, preventing other scheduled actions from running properly.

I’m using the latest version of Defender, and everything else is fully updated.

Has anyone else experienced this issue or found a solution? Any advice on how to resolve it would be greatly appreciated!

Thanks in advance!

Hello, how are you?

Recaptcha and Defender login error

Hello, as agreed, I am creating a new topic regarding the login problem with Recaptcha in Defender.

On several sites that I have created, with different plugins, the recaptcha problem is occurring. I tested with different types of recaptcha (v2 and v3).

The error message appears as if I had not logged in, but even with the error, if I type the dashboard address (/wp-admin) I can access it normally. However, it took a while to discover that the login had been successful, since the message is that there was an error in the recaptcha.

Thank you

Hi there,
I’ve always had trouble using the recaptcha option in Defender but seeing the latest update specifically mentions this being fixed, I deactivated the 3rd party recaptcha plugin I’ve been using and activated it in Defender.

Unfortunately this evening we’ve had a customer contact us to let us know that they are getting an error message from recaptcha.
I disabled the Defender recaptcha and enabled the 3rd party version, cleared the cache (WP Rocket) and they were able to complete the checkout without any issues.

Any idea what might cause the problem?
Are there any known issues / conflicts, is it possibly a caching issue?

The other plugin works without issue so I’ll have to stick with that one for now.
Ideally I’d prefer to not use another plugin, I have a dev site setup for testing if it helps.

Thanks for your help!

Is the Country blocking feature compatible with cache plugins? I’m planning to use the Country blocking + Maxmind Geolite2 data integration in my site.

Normally, there are problems with country blocking and caching on other plugins due to the nature of caching is that a dynamically build web page is cached into a static page.

• This topic was modified 2 months, 3 weeks ago by Rafael Manalo.

The Defender plugin does not seem to necessarily adhere to the standard at one point or use a completely separate SQL or database query to create the database tables of the scanner task.

In pages that use the “SQLite Database Integration” plugin (https://www.ads-software.com/plugins/sqlite-database-integration/), whose functions will later become part of the WordPress core, the Defender plugin permanently displays the following error message in the background:

2024/08/29 15:05:07 [error] 768687#768687: *5203328 FastCGI sent in stderr: "PHP message: WordPress database error <div style="clear:both">&nbsp;</div>
<div class="queries" style="clear:both;margin-bottom:2px;border:red dotted thin;">
<p>MySQL query:</p>
<p>CREATE TABLE IF NOT EXISTS wp_defender_scan (
 id int(11) unsigned NOT NULL AUTO_INCREMENT,
 percent float NOT NULL,
 total_tasks tinyint(4) NOT NULL,
 task_checkpoint varchar(255) NOT NULL,
 status varchar(255) NOT NULL,
 date_start datetime NOT NULL,
 date_end datetime NOT NULL,
 is_automation bool NOT NULL,
 PRIMARY KEY  (id)
) DEFAULT CHARACTER SET utf8mb4;</p>
<p>Queries made or created this session were:</p>
<ol>
<li>Executing: BEGIN | (no parameters)</li>
<li>Executing: ROLLBACK | (no parameters)</li>
</ol>
</div>
<div style="clear:both;margin-bottom:2px;border:red dotted thin;" class="error_message" style="border-bottom:dotted blue thin;">
Error occurred at line 4108 in Function <code>handle_error</code>. Error message was: Unexpected token in MySQL query: is_automation.
</div>
<p>Backtrace:<" while reading response header from upstream, client: XXX.XXX.XXX.XXX, server: example.de, request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/var/lib/php5-fpm/webXXX.sock:", host: "domain.xyz"

All other plugins seem to have no problem with the “SQLite Database Integration” plugin and do not show any errors. All other functions of the Defender plugin itself also seem to work flawlessly with the “SQLite Database Integration” plugin. Just not the table creation for “defender_scan”.

Is there a way to get Defender to use the default connectivity and queries for WordPress at this point or is this a bug that needs to be fixed in the Defender plugin itself?

Many thanks in advance.

• This topic was modified 2 months, 4 weeks ago by creationell.

Hi, could you tell me how to properly whitelist Ajax requests for this plugin? I’ve been having an issue with Breakdance displaying the following error: WordPress AJAX Request failed Unexpected response type, expected “application/json”, got “text/html; charset=UTF-8”

Thanks

So do you recommend we use a different Security Plugin since you only offer WAF with sites hosted with WPMUdev? I’m confused, aren’t most customers finding your plugin when using WordPress with other hosting providers, we can’t all just up and switch to your hosting. Now, after setting everything up I realized you don’t offer a WAF unless hosted through you and now I’m out looking around wondering about whether I need it. I came from using CleanTalk Security and their plugin offered it. I’d prefer to not use their product anymore because I like the UI of Defender and I also use Forminator but I don’t like the idea that I have to switch hosting provider. I’ve used my host for 10 years and I’m happy with their service. Please give your your thoughts on this situation. Why don’t you offer WAF outside of your hosting and also, since you don’t. What do you recommend? Finding a universal Security plugin then like Wordfence since all their malware and security protection is all together????

hi when i am on the dashboard of the defender in can see those errors above. They are not visible on my front end

iled for /public_html/.well-known in /public_html/wp-content/plugins/defender-security/src/behavior/scan-item/class-core-integrity.php on line 36

Warning: filesize(): stat failed for /public_html/.well-known in /public_html/wp-content/plugins/defender-security/src/behavior/scan-item/class-core-integrity.php on line 42

Warning: filemtime(): stat failed for /public_html/COPYRIGHT in /public_html/wp-content/plugins/defender-security/src/behavior/scan-item/class-core-integrity.php on line 36

Warning: filesize(): stat failed for /public_html/COPYRIGHT in /public_html/wp-content/plugins/defender-security/src/behavior/scan-item/class-core-integrity.php on line 42

Warning: filemtime(): stat failed for /public_html/assets in /public_html/wp-content/plugins/defender-security/src/behavior/scan-item/class-core-integrity.php on line 36

Warning: filesize(): stat failed for /public_html/assets in /public_html/wp-content/plugins/defender-security/src/behavior/scan-item/class-core-integrity.php on line 42

Warning: filemtime(): stat failed for /public_html/dist in /public_html/wp-content/plugins/defender-security/src/behavior/scan-item/class-core-integrity.php on line 36

Warning: filesize(): stat failed for /public_html/dist in /public_html/wp-content/plugins/defender-security/src/behavior/scan-item/class-core-integrity.php on line 42

Warning: filemtime(): stat failed for /public_html/favicon.ico in /public_html/wp-content/plugins/defender-security/src/behavior/scan-item/class-core-integrity.php on line 36

Warning: filesize(): stat failed for /public_html/favicon.ico in /public_html/wp-content/plugins/defender-security/src/behavior/scan-item/class-core-integrity.php on line 42

Warning: filemtime(): stat failed for /public_html/index.html_ in /public_html/wp-content/plugins/defender-security/src/behavior/scan-item/class-core-integrity.php on line 36

Warning: filesize(): stat failed for /public_html/index.html_ in /public_html/wp-content/plugins/defender-security/src/behavior/scan-item/class-core-integrity.php on line 42

Warning: filemtime(): stat failed for /public_html/phpinfo.php in /public_html/wp-content/plugins/defender-security/src/behavior/scan-item/class-core-integrity.php on line 36

Warning: filesize(): stat failed for /public_html/phpinfo.php in /public_html/wp-content/plugins/defender-security/src/behavior/scan-item/class-core-integrity.php on line 42

any idea how to get rid off them ?

or whats wrong please ?

Hi. Does your plugin offer a feature/option for Rate Limiting to mitigate/Stop DDoS Attacks?

Thank you!

Hello. As soon as I installed the latest version (4.8.0) when I wanted to perform a new scan, I came across this "new thing"…
…"Defender could not complete the malware scan within the time limit. Please increase PHP memory or disable one or more scan types and try again"…
Which does NOT make sense because of the following:
1) These are my numbers from memory…
LiteSpeed ??Web Server
PHP Version 8.2.20 (64bit Compatible)
PHP SAPI:litespeed
PHP max input variables: 2000
PHP time limit: 600
PHP memory limit: 1024M
PHP time limit: 600
Maximum file size to upload: 512M
PHP post max size: 512M
Which -as you see- is MORE THAN ENOUGH (or it was until before this latest version:).
Lastly and as for…
2)…"disable one or more scan types and try again"…
As for Defender, the only ones I have are the ones that you (Defender) say are…
…"Recommended default protection for each site"…
This is…
Safety recommendations
4/12 recommendations activated
Active email notifications
Malware analysis
Asset
Active email notifications
Login Protection active
Detection 404 active
AND ALL OF THEM WERE ACTIVE even BEFORE updating to this LATEST Version.
However, even with this ON, the scan was working PERFECTLY.
In summary:
Please could you see what is happening?
It is obvious that, if at least, even once every x amount of time, I cannot scan my site to see if it has any "bugs", this plugin does NOT work for me and I would have to replace it.
Which is a "pity" because, until before this latest version, it had left me satisfied.
Anyway.
I await your comments.
From already thank you very much.
Greetings.

Hi, I have several websites that I manage, and after updating from version 4.7.1 to 4.7.2 or 4.7.4, it stopped working.

It just keeps giving the message “please verify that you are not a robot”

And I manage several websites, every time I updated the same thing happened.

I had to disable GRecaptcha in all, and some, I left it at version 4.7.1.

Please check the screenshot: https://tinyurl.com/22e2taxv
It is showing a warning for non existing plugin due to similarity in their name.
Hope you can have a quick look on this. Thanks!

Good morning,

I have been using your plugin for a long time on many of my websites, without any problem, but it seems that on one website the plugin deactivates itself for no apparent reason every time I activate it.

Sometimes it happens when you reload the page, other times it takes hours, but it always ends up deactivating itself. It never lasts a night without deactivating.

I have been investigating the logs and I can’t find anything that refers to the automatic deactivation of the plugin. The plugin is configured in the same way on all my websites with the same version of PHP and the same version of WordPress, with the same plugins, but it only happens on this one.

Does anyone know what could be causing it? Is there a log that gives me more information?

Thank you very much

Hello,

We are encountering a particular problem between your Defender plugin and the WP OAuth Server CE plugin.

We have a tool that links a PIM to our WordPress sites. This tool uses WP OAuth Server to connect to our site. The process is as follows: when the link is initiated, url like /oauth/authorize/$parameters/ is sent. If the user is not logged in, a redirection to the login page is initiated:

wp_redirect( wp_login_url( add_query_arg( $_GET, site_url( 'oauth/authorize' ) ) ) );

The problem is that with your plugin, if we activate the masked login area, the redirections are blocked (off) or directed to a specific page/URL. We then get a page with this message: “This feature is forbidden temporarily for security reasons. Try login again.”

Is it possible to bypass the redirection block for a specific user/IP? Or is there a solution to lift this block?

Thank you,

HELP! I forgot my password and apparently entered it too many times incorrectly. I submitted my username for an email to reset, but the email is not arriving. thank you!

Hello,
When setting up or configuring the 2FA per user, I discovered that there are problems with the correct screen layouts with the instructions for the users at the very bottom of their profiles. See indication on a screen copy attached: https://prnt.sc/XP7CjVCGRKf_
Previously, this was not the case. Perhaps in an update, some things were set wrong for the screen layouts?
Can this be rectified, please?
However, I have not encountered any further problems for the operation of 2FA. It is only with the screen layout.
Thanks in advance.
Best Regards.

• This topic was modified 6 months, 2 weeks ago by alainmelsens.

Hi,

I’ve been visiting the website islamqa.org a lot lately and I’ve gotten blocked (I think for spam and I believe it is an autoban). Is there any way to get unblocked without having to contact the developer of the website?

This is the error message I get:

Access Denied

You have been blocked from accessing this website.

• This topic was modified 6 months, 2 weeks ago by aayanpanjwani.

I have been locked out of this website. I tried the suggestion from another thread to change the name of the plugin, which lets me log in, but as soon as I change it back I am logged out again. I looked in the database and did a search for my IP address and nothing was found. I have also added the PHP file whitelist-ip.php and added my IP address, but I am still denied when the plugin is active. I have had to remove the plugin all together for now which is bad because I noticed that the site was under attack with lots of IPs blocked by the firewall. What can I do?

• This topic was modified 7 months, 1 week ago by earrame.

Stripe’s webhook request is being blocked by WP Defender plugin via its user agent functionality.

Looking through the WP Defender’s log it appears that it is blocking Stripe’s user agent: stripe/1.0 (+https://stripe.com/docs/webhooks)

I’ve whitelisted Stripe’s user agent and created a regular expression in the allowlist that allows any user agent that contains the text stripe:

.*[s|S]tripe.*

I’ve also disabled the user agent functionality which did fix the issue, but leaving so a crucial piece of functionality disabled is a very bad idea.

Has anyone run into this issue?

• This topic was modified 8 months, 1 week ago by davidyear.
• This topic was modified 8 months, 1 week ago by davidyear.

I installed the Defender plugin and set the wp admin login masking to the slug ‘mask’

I’ve disabled all the plugins and switched to the default theme of Twenty-three. I’ve disabled caching and have been testing the mask page only in incognito.

Every time I go to /wp-admin I’m redirected to the page saying “This feature is forbidden temporarily for security reason. Try login again.” as expected.

However, when I go to /mask, I’m redirected to the error 404 Not found.

How can I fix it?

When trying to use the 2fa auth i get this error.

Uncaught ReferenceError: jQuery is not defined
at wp-login.php:96:13

if i try to execute your srcript from the console, it’s work jQuery is loaded.
if i encapsulate your script in a DomContentEvent it work too ( ?view/2-fa/otp.php )

Sorry but a dont have any time to try that whis no plugin or theme for now. And Iam pretty sure your plugin work fine on a vanilla WP but i need this to be more resiliant to error.

I can try to identify what causing this conflit on at a later time.

hello, I have been getting an issue in retrieving a domain key for a plugin called litespeed cache but it have been giving me this message:

There was a problem with retrieving your Domain Key. Please click the Waiting for Approval button to retry.There are two reasons why we might not be able to communicate with your domain:1) The POST callback to https://merchandisemuseum.kesug.com/wp-json/litespeed/v1/token failed.2) Our Current Online Server IPs was not allowlisted.Please verify that your other plugins are not blocking REST API calls, allowlist our server IPs, or contact your server admin for assistance.:

when I contacted this them they told me that there is a security feature blocking the process, and I replied that I only have defender security plugin activated so they recommended me to contact you about the issue.

can you help with this?

thank you.

Hi there,

I have a customer trying to create an account with a hotmail address but he’s seeing this error:

Error: Your email domain has been banned from registration!

How do deactivate this option please?

• This topic was modified 8 months, 4 weeks ago by JapeNZ.

Dear support team

After activating the mask login area feature we have the issue, that jQuery is not defined (browser console error) and sign-in with 2FA enabled is not possible anymore.

Is this a known issue?

Thanks

Hi there

The latest update automatically switched IP detection to the Cloudflare option because my network site’s domain is on Cloudflare.

I went and reset that back to the default method because not all domains on the instance are on CloudFlare.

And as there is no way to deal with this per site, I need to leave it there. This means the entire firewall feature really only works with some sites and not the others.

Maybe there could be a way to set this per site in future.. or is there something I’ve missed here?

Regards
Rob

Hello. Thank you for all the effort put in on this great plugin.

While upgrading my version of Defender, I ran into a problem with how the registration page is working. In particular, the Masking Login URL Slug that is set in Defender is not being used during the very last step of registration. I am testing this in a WordPress clone area.

For example:
Clone URL = https://example.com/clone123
Login = https://example.com/clone123/maskingslug
Register URL = https://example.com/clone123/maskingslug?action=register
On this page, the new user can register, and it puts the new user information correctly in the database.
It also correctly sends an email to the user to set the password for the first time.
It then automatically takes the user, incorrectly, to =
https://example.com/clone123/wp-login.php?checkemail=registered
This correctly displays the error:
"This feature is forbidden temporarily for security reason. Try login again."
The problem is that it should not use "wp-login.php", but instead use "maskingslug".
For completeness, the link to change the password works correctly and does use the masking slug. And then the user is able to log in correctly - the login page also uses the masking slug.

I'm not a WP programmer. I did turn masking off, and then on again. No change.

By installing different versions of Defender, I discovered that the problem seems to exist for Defender versions starting with 4.1.0, up to and including the latest 4.5.0 version.

Here are the specific Defender versions I tested:
Registration worked correctly: 2.6.5 - 2.8.3 - 3.12.0 - 4.0.2
Registration last step not working: 4.1.0 - 4.3.1 - 4.4.2 - 4.5.0

I have been able to replicate this problem on a test WP website 5.6.13 that looks like a clone (but was a new installation) with no plugins except for Defender 4.5.0. Again, the last registration step gives an error.

Here are the settings on my website:
WordPress Version = 5.6.13
PHP Version = 7.4.33
Redirect Traffic = off
2FA is not used
Permalinks under WP Settings = Post name

I'm happy to upgrade to Defender 4.0.2 for now.
In the future, once the above works, I'll upgrade to the newest version.
Many thanks.
Doug

I have found that cron is not working on this WooCommerce site. After troubleshooting, I found an error that said:

There was a problem spawning a call to the WP-Cron system on your site. This means WP-Cron events on your site may not work. The problem was:

Unexpected HTTP response code: 403

403 has to do with firewalls so I tried deactivating Defender and the error went away. I am sure that there is probably some setting that is causing this and I want to continue to use Defender, but I need corn to work.

Hi Defender support, 1st thanks this good plugins help protect my site.
I have a question need help!

At “Files, folders and file types” (404 Detection), I’ve put

customfolder/mashelton826021.txt
customfolder\/[a-zA-Z0-9]*[.]txt

Run https://mydomain/test/customfolder/mashelton826021.txt (it work)
but https://mydomain/customfolder/text22024.txt (it not working)

Do you have any instructions for me here? Thank you!

• This topic was modified 9 months, 1 week ago by dongmx.
• This topic was modified 9 months, 1 week ago by dongmx.
• This topic was modified 9 months, 1 week ago by dongmx.