Allow wordfence via WP_ACCESSIBLE_HOSTS ??

  • Resolved youaresam2

    (@youaresam2)


    2 years, 10 months ago

    hello

    I am using the paid version of wordfence.

    We are using wordfence because the security of our site is important.
    Very satisfied.

    First, a brief explanation.

    Our site is an intranet site.
    Also, for security reasons, access to external networks is blocked.
    We block it through a firewall
    i can also block it using options in wordpress.

    define(‘WP_HTTP_BLOCK_EXTERNAL’, true);
    But because we need to update wordfence
    I want to allow access only to wordfence.

    So I set it like below.
    define(‘WP_ACCESSIBLE_HOSTS’, ‘*.wordfence.com ,*.mailgun.net’);

    On the homepage of wordfence, the path of the api server used or
    The path to the update server was not written down.

    I wonder if I applied it correctly.

    • This topic was modified 2 years, 10 months ago by youaresam2.
Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Support wftiffany

    (@wftiffany)

    Hi @youaresam2,

    Thanks for reaching out to us!

    It’s best to whitelist Wordfence’s IP addresses, since ours never change. You can read more about this here: https://www.wordfence.com/help/advanced/#servers-and-ip-range

    Plugin services are hosted on the following IP addresses:

    44.239.130.172
44.238.191.15
35.155.126.231

    Wordfence Central and plugin services also use the following IP addresses to connect to sites:

    54.68.32.247
44.235.211.232
54.71.203.174

    The whitelist setting is located at Wordfence > Firewall > All Firewall Options > Whitelisted URLs. You’ll need to add the IP addresses listed above.

    Let me know if that helps!

    Thanks,
    Tiffany

    Thread Starter youaresam2

    (@youaresam2)

    First of all, thanks for the reply.

    I modified the configuration file as follows.
    define(‘WP_ACCESSIBLE_HOSTS’, ‘*.wordfence.com , 44.239.130.172, 44.238.191.15, 35.155.126.231, 54.68.32.247, 44.235.211.232, 54.71.203.174, *.google.com, *.googleapis.com , *.mailgun.net’);

    However, even though I followed the above method, wordfence on my server says that the scan failed.

    Wordfence Full Activity Log
    [Apr 26 18:14:40:1650964480.988062:2:error] Scan terminated with error: There was an error connecting to the Wordfence scanning servers: The user blocked the request over HTTPS.
    [Apr 26 18:14:40:1650964480.984270:2:info] Wordfence used 0 B of memory for scan. Server peak memory usage was: 92 MB
    [Apr 26 18:14:40:1650964480.887810:1:info] Contacting Wordfence to initiate scan
    [Apr 26 18:14:30:1650964470.009856:1:info] Scan stop request received.
    [Apr 26 18:14:25:1650964465.311961:1:info] Scan stop request received.

    So, in my opinion, the above options of wordpress can be set only in domain rule.
    That’s why I need the domain name instead of the server ip address you gave me.

    please Help me~

    Plugin Support wftiffany

    (@wftiffany)

    Hi again @youaresam2,

    The whitelist setting is located at Wordfence > Firewall > All Firewall Options > Whitelisted URLs. That’s where you’ll need to add the IP addresses listed above.

    Also, since you’re a Premium Wordfence Customer, I highly recommend opening a support ticket at https://support.wordfence.com if you continue to experience this issue. They will be able to assist you faster and more efficiently.

    You can also access premium support via the Help menu item in the plugin, Help link on the plugin’s Dashboard page, on our documentation homepage or via the HELP link in the footer of all wordfence.com pages.

    Thanks,
    Tiffany

    Thread Starter youaresam2

    (@youaresam2)

    Hello~

    I have already registered the ip in the whitelist.
    But the same problem persisted.

    The whitelist setting is located at Wordfence > Firewall > All Firewall Options > Whitelisted URLs. That’s where you’ll need to add the IP addresses listed above.

    Seeing you gave the same answer to my second question, I thought.
    Am I obligated to do premium customer service, not just a recommendation?

    I’ve gotten quite a bit of information from the support of this plugin so far. And I think other users will as well. That’s why I try not to ask premium questions that are available only to a few if possible.

    But if you say I can only get answers through premium questions, of course I will.

    However, since my question is due to the option provided by default in WordPress, I honestly doubt whether it is necessary to do so.

    I look forward to your kind reply.

    Plugin Support wftiffany

    (@wftiffany)

    Hi @youaresam2,

    Did you add the IPs to the server firewall allowlist (not the Wordfence allowlist)? We only make connections on port 80 and 443; this should be outbound and inbound.

    I mention the Premium support ticket option since you’re entitled to it as a Premium customer. The support ticket route will allow us to assist you faster than we’re able to here on the forums.

    Thanks,
    Tiffany

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Allow wordfence via WP_ACCESSIBLE_HOSTS ??’ is closed to new replies.