Is Wordfence still working? MySQL Problem

Hi @irongenetics96,

You will want to grant all the permissions to your MySQL user.
Can you try this?

1. Open /wp-config.php and look for these three lines:

define('DB_NAME',  '*****');
define('DB_USER',  '*****');
define('DB_HOST',  '*****');

2. Now, run this query on your database:

GRANT ALL PRIVILEGES ON DB_NAME.* TO 'DB_USER'@'DB_HOST';

You will want to replace DB_NAME, DB_USER, and DB_HOST with the values from your wp-config.php

3. After that, try running the diagnostics again and see what it says.
—

For example, if your wp-config.php looks like this:

define('DB_NAME',  'wordpress');
define('DB_USER',  'root');
define('DB_HOST',  'localhost');

Then, you should run the following query:

GRANT ALL PRIVILEGES ON wordpress.* TO 'root'@'localhost';

Dave

No i want that my database can only be accessed local, it is a setting at my hosting provider and he recommend it for security reasons. But does it do any problems to wordfence? Can′t see any, only the red arrows under “Diagnostic MySQL Database version and privileges”

Hey @irongenetics96,

My apologies, I’ve edited my response because it looks like WFDave is already assisting you.

Thanks,

Gerroald

• This reply was modified 5 years, 7 months ago by WFGerroald.

Hi again,

The setting that your host recommended made it so Wordfence is now unable to read/write to the database. There will be problems with Live Traffic, saving options, and other database related issues.

If you follow the steps above, you should be able to grant the permissions back to your MySQL user, and those red arrows should disappear.

Can you give them a try?

Dave

@wfdave I can change by myself the settings at my hosting service
There are 2 options:

1. Allow only local access (localhost) (recommended) – if i choose this, the diagnostic tab is red.
2. Allow Database access from everywhere – Everything turns green again in diagnostic

So i should use while using wordfence option number two?

GRANT ALL PRIVILEGES ON … worked but what will it do with my site? Im scared

Hi again,

Allow only local access means that only the host itself is able to access your database. This is recommended, as if someone is able to guess your MySQL password, they would be able to connect to it remotely and edit your database.

What happened was when you changed your host setting to Allow only local access, the permissions within MySQL were changed so Wordfence was unable to read/write to the database.

1. Use Allow only local access
2. And grant permission to the MySQL user

As long as you have done these two steps, your site should be secure and Wordfence should also function properly.

Dave

https://dzone.com/articles/do-not-grant-all-privileges-to-your-production-use This article says that GRANT ALL PRIVILEGES ON wordpress.* TO ‘root’@’localhost’; is very bad for security..

What to do now?

Hi again,

It is true that granting all permissions is a security risk. However, since your host has provided you with the option to block all remote connections to the database, it will prevent remote attackers from gaining entry and changing your database.

Note that Wordfence requires all permissions to run properly, so you may experience some issues if your database user has limited access.

Dave