Unable to reach Wordfence servers

  • I have installed on a couple websites on the same server Wordfence. They fail to connect to noc1.wordfence.com I can curl to any other urls (SSL or not) but it seems this is the only one I cannot reach. I check my IPTABLES and nothing there.

    I am not sure where to look next ??

Viewing 9 replies - 1 through 9 (of 9 total)

  • Hi @divemasterza,

    Could you let me know what hosting provider you are with? It’s possible that they’ve blocked the connection, so you may want to ask them if that’s the case.

    Dave

    Thread Starter divemasterza

    (@divemasterza)

    I tried from a few servers some are successful and some fail. I contacted the Datacentre / hosting providers: They claim the connections dies somewhere in Europe.

    from an independant provider in the USA:
    root@asgard [~]# traceroute noc1.wordfence.com
    traceroute to noc1.wordfence.com (69.46.36.28), 30 hops max, 40 byte packets
    1 asgard.aserv.co.za (64.22.105.121) 0.347 ms 0.391 ms 0.536 ms
    2 63.247.69.37 (63.247.69.37) 0.374 ms 0.514 ms 0.507 ms
    3 xe-11-2-3.edge2.Atlanta4.Level3.net (4.53.238.9) 0.593 ms 0.587 ms 0.618 ms
    4 * * ae-1-3501.ear1.Atlanta1.Level3.net (4.69.214.190) 0.888 ms
    5 4.68.74.158 (4.68.74.158) 0.975 ms 0.961 ms 0.954 ms
    6 tuk-edge-14.inet.qwest.net (67.14.44.54) 60.615 ms 59.829 ms 60.105 ms
    7 63.149.178.150 (63.149.178.150) 60.773 ms 60.800 ms 60.670 ms
    8 * * *
    9 * * *

    As per several traceroutes from within Afrihost network, this leaves our network and our upstream provider and in Europe the connection dies.

    It’s happening with me too.

    My WordFence diagnostic page says the following:
    “wp_remote_post() test to noc1.wordfence.com failed! Response was: cURL error 28: Connection timed out after 10001 milliseconds”

    When I run from any local computer (not the server my sites are hosted on) :

    ping noc1.wordfence.com

    Pinging noc1.wordfence.com [69.46.36.28] with 32 bytes of data:
    Request timed out.
    Request timed out.
    Request timed out.
    Request timed out.

    So it’s not a hosting provider issue.

    My current IP that the ping is failing under is:
    192.168.43.46
    That’s in Australia.

    My sites are hosted in the USA, and it fails from there too.

    Even their top-level domain wordfence.com can’t be pinged, tried from US and Europe.

    PING wordfence.com (54.69.165.150) 56(84) bytes of data.
    ^C
    — wordfence.com ping statistics —
    12 packets transmitted, 0 received, 100% packet loss, time 10999ms

    In other words, ping won’t work.

    Try Curl.
    I don’t have that error you guys got.
    My curl reads:

    curl noc1.wordfence.com
    {“errorMsg”:”Wordfence API error: Your site did not send an API key when contacting the Wordfence servers.”}

    Just curl from the concole and compare with mine.

    Thread Starter divemasterza

    (@divemasterza)

    @iframe, I am not pinging as they are obviously dropping ICMP packets. (I am doing as well on two of my servers, I have other monitoring options for them)

    However `curl –trace – https://noc1.wordfence.com’ does not happen either

    A traceroute from London does work and the domain is reachable. However from some location in US and from South Africa, the traceroute dies somewhere in Europe.

    There is definitely an issue with a switch somewhere in Europe

    • This reply was modified 5 years, 7 months ago by divemasterza.

    Tracert from Australia:

    Tracing route to noc1.wordfence.com [69.46.36.28]
over a maximum of 30 hops:

  1     2 ms     1 ms     1 ms  192.168.43.1
  2     *        *        *     Request timed out.
  3    24 ms    29 ms    26 ms  10.247.77.181
  4    43 ms    24 ms    30 ms  10.246.243.253
  5    27 ms    29 ms    17 ms  120.16.253.249
  6    36 ms    38 ms    26 ms  220.101.68.53
  7     *        *        *     Request timed out.
  8     *        *        *     Request timed out.
  9     *        *        *     Request timed out.
 10     *        *        *     Request timed out.
 11     *        *        *     Request timed out.
 12    75 ms    92 ms    84 ms  59.154.18.18
 13    94 ms    92 ms    83 ms  59.154.18.8
 14    81 ms    76 ms    87 ms  syd-brdr-03.inet.qwest.net [63.146.27.141]
 15     *        *        *     Request timed out.
 16   437 ms   249 ms   263 ms  63.149.178.150
 17     *        *        *     Request timed out.
 18     *        *        *     Request timed out.
 19     *        *        *     Request timed out.
 20     *        *        *     Request timed out.
 21     *        *        *     Request timed out.
 22     *        *        *     Request timed out.
 23     *        *        *     Request timed out.
 24     *        *        *     Request timed out.
 25     *        *        *     Request timed out.
 26     *        *        *     Request timed out.
 27     *        *        *     Request timed out.
 28     *        *        *     Request timed out.
 29     *        *        *     Request timed out.
 30     *        *        *     Request timed out.

    On Windows, tracert sends ICMP Echo Request packets, rather than the UDP packets traceroute sends by default.

    We already know they drop ICMP packets.

    Be that as it may, it appears to be working again now… my servers were able to download the latest firewall rules files.

    Tracert is also giving more feedback…

    Tracing route to noc1.wordfence.com [69.46.36.28]
over a maximum of 30 hops:

  1    <1 ms    <1 ms     2 ms  m.home [192.168.1.1]
  2     *        *        *     Request timed out.
  3     *        *        *     Request timed out.
  4    30 ms    19 ms    41 ms  Bundle-Ether13.pie-edge901.perth.telstra.net [165.228.53.253]
  5   120 ms    73 ms    37 ms  bundle-ether6.pie-core1.perth.telstra.net [203.50.6.212]
  6    57 ms    64 ms    53 ms  bundle-ether3.way-core10.adelaide.telstra.net [203.50.6.234]
  7    68 ms   134 ms    69 ms  bundle-ether16.exi-core10.melbourne.telstra.net [203.50.6.231]
  8    71 ms    76 ms    82 ms  bundle-ether12.chw-core10.sydney.telstra.net [203.50.11.124]
  9    83 ms   260 ms    74 ms  bundle-ether1.oxf-gw11.sydney.telstra.net [203.50.6.93]
 10    75 ms    86 ms    88 ms  bundle-ether1.sydo-core03.sydney.reach.com [203.50.13.98]
 11   229 ms   236 ms   253 ms  i-73.paix-core02.telstraglobal.net [202.84.247.45]
 12   236 ms   225 ms   227 ms  i-0-7-0-1.eqnx-core02.telstraglobal.net [202.84.143.209]
 13   222 ms   220 ms   227 ms  i-92.eqnx03.telstraglobal.net [202.84.247.17]
 14   237 ms   221 ms   268 ms  xe-4-3-1.mpr3.sjc7.us.zip.zayo.com [64.125.13.77]
 15   243 ms   218 ms   274 ms  ae19.mpr4.sjc7.us.zip.zayo.com [64.125.30.77]
 16   239 ms   250 ms   231 ms  ae16.cr2.sjc2.us.zip.zayo.com [64.125.31.14]
 17   237 ms   243 ms   366 ms  ae27.cs2.sjc2.us.eth.zayo.com [64.125.30.232]
 18   251 ms   240 ms   248 ms  ae3.cs2.sea1.us.eth.zayo.com [64.125.29.41]
 19   247 ms   241 ms   271 ms  ae1.mcs2.sea1.us.eth.zayo.com [64.125.29.23]
 20   253 ms   242 ms   236 ms  ae3.mpr1.sea26.us.zip.zayo.com [64.125.31.107]
    Thread Starter divemasterza

    (@divemasterza)

    Yes same from South Africa – was definitely an issue in a switch somewhere in Europe

    [root@cyberfx ~]# curl -Is https://noc1.wordfence.com | head -n 1                                                                                                      
HTTP/1.1 200 OK
Viewing 9 replies - 1 through 9 (of 9 total)
  • The topic ‘Unable to reach Wordfence servers’ is closed to new replies.