WPMU Dev Defender incompatibility

I also get an error when scanning (The scan has failed to start. This is often because the site either cannot make outbound requests or is blocked from connecting to itself. Click here for steps you can try.) and it stops.

I’ve tried all the steps. Any advice?

Hello @sbct and thanks for reaching out to us!

While using Wordfence, you will need to use the standard wp-admin or wp-login pages. You don’t have to worry about hiding the URL or changing it as Wordfence will keep this secure for you.

https://www.wordfence.com/help/login-security/ can provide more details on how to keep your login page safe.

As for the scan issue, can you send a diagnostic report to wftest @ wordfence . com? You can find the link to do so at the top of the Wordfence Tools > Diagnostics page. Then click on “Send Report by Email”. Please add your forum username where indicated and respond here after you have sent it.

Thanks!

Hello @wfadam,
I’ve sent the report to the email you indicated.

Thanks!

Thanks for sending that report @sbct

I noticed you are using Cloudflare. If your site is protected by Cloudflare, you may need to update your Cloudflare settings to allow your site to connect back to itself. You should be able to do this by going to your Cloudflare control panel.

• Login to Cloudflare
• Go to “Firewall”
• Click the “Firewall Rules” tab
• Click “Create a Firewall rule”
• Name the rule under “Rule Name”
• Set the “Field” under “When incoming requests match…” to “IP Address”
• Enter your site’s IP address under “Value”
• At the bottom, under “Then…Choose an action” change “Block” to “Allow”
• Click “Deploy

Once you have added your site to the Cloudflare Whitelist, do the following:

• Kill the existing scan if it is still running (The “Start New Scan” button turns in to a “Stop” button while the scan is running)
• Go to your Scan > Scan Options and Scheduling page and locate the “Performance Options”
  Set “Maximum execution time for each scan stage” to 20 on the options page
• Click to “Save Changes”
• Go to the Tools > Diagnostics page
• In the “Debugging Options” section check the circle “Enable debugging mode”
• Click to “Save Changes”.
• Start a new scan
• Copy the last 20 lines from the Log (click the “Show Log” link) or so of the activity log and paste them in the post.

On occasion, this fixes it straight away. That’s because adding 20 for the “Maximum execution time for each scan stage” tells the scan to pause every 20 seconds and start again where it left off. If this fixes the issue and scans run again, you can leave all the settings above except for “Enable Debugging Mode”.

Let me know how it goes!

Thanks!

Hello @wfadam,
I’ve done all the things you suggested about the scan problems and now it works! It just appeared the yellow band error (stop) for about a minute when scanning additional files but then started again =)

Do you think it was the 20 sec rule or the CloudFlare mod?

About the masking feature, it is because I see lots of different attacks on the login page so I’d like to protect the page better.

Thanks!

Great! Glad we could find a solution!

It was most likely the Cloudflare whitelist that resolved the issue.

What sort of attacks are you seeing? As long as you have Wordfence updated and optimized, you shouldn’t have to worry about it too much. Also maintaining strong admin passwords and using 2FA is always recommended.

Thanks again for your support!

Hello @wfadam,
I get xmlrpc.php, Remote Code Execution, Authentication Bypass and different other attacks for a total of 273 only in the last month.
I’m glad I have WordFence to protect.

Thanks!