kaspar

Clearing the browser cache was all it took. Everything seems to be behaving as intended now. Thanks!

I’ll try those suggestions. I normally use Chrome, so I’ll just open it in an incognito window to block any browser caching – after checking into the other possibilities.

I also wonder why someone thought is necessary to make all the print very tiny and all the images enormous.

There is also this:

Brute Force Protection

“Enable brute force protection
This option enables all “Brute Force Protection” options, including two-factor authentication, strong password enforcement, and invalid login throttling. You can modify individual options below.
Off
On”

The Words On and Off are not clickable, so it’s not clear how to enable or disable this feature – or whether or not it is enabled.

At this location: my_url/wp-admin/admin.php?page=WordfenceWAF#top#blocking,
there’s a list of blocked IPs. There are 3 buttons, which are unresponsive until considerable time has passed. Eventually, they respond to mousing over them, indicating that they might actually do something when clicked.

Next there are column labels:

Block Type Detail Rule Added Reason Expiration Block Count Last Attempt

Finally, there is a table of the blocked IPs, etc. and details about them. For example, here is the first row arranged vertically to make it easier to read:

IP Block
208.80.194.31
January 26, 2018 1:23 pm
Accessed a banned URL
January 27, 2018 1:23 pm
1
January 26, 2018 1:23 pm

At the far left of the row is a tiny check-mark that is not surrounded by a circle as it is in the screenshot. After witing considerable time (many minutes) for the full list to load, these checkmarks are still not clickable.

I don’t see how to change IP blocking rules at all. I can see all the blocked IPs and the buttons {UNBLOCK, MAKE PERMANENT} above the list…but I can’t see any way to select a blocked IP to unblock it or make it permanent. The buttons aren’t even clickable, as far as I can tell.

I think we need some answers!

Thanks! I’m also a PHP programmer, so I feel your pain. One wrong/missing/extra character can cause mayhem.

I upgraded to the latest version this morning. It broke my website due to a conflict with WP eStore version 7.4.3. I didn’t capture the error message before I removed the plugin but it has to do with “headers already sent…”

I couldn’t even login to the site to disable the plugin. I had to delete it with FTP to get back into my site.

Is there a simple way to remove the progress bar altogether? I have a client that likes this theme and we have customized it a lot. But they would like the “Center Atom” progress bar removed. They don’t want a progress bar at all. (It loads before the home page appears.) I could remove all the .js and .css files associated with it but that might “break something. I don’t want to do that!

Thanks,
Steve

I found out what was wrong this morning, more or less by accident. I’d decided to go into cPanel and have a look at the ??_wfHits table to see if it was empty. I got an error message which said that the table had crashed and needed to be repaired. I went to MySQL databases (NOT phpMyAdmin) in cPanel and clicked the button to repair the database. (I don’t have a way to repair a single table; maybe some people do but I don’t know about that.) Anyway, the repair succeeded and the table was marked OK. There was a line in the repair output for the table ??_wfHits that indicated something was pointing to an invalid memory location. After the repair, the table was OK and the Live Traffic report showed hits again.

So…this is a possible cause that nobody else has mentioned, AFAIK. One more way to fix this annoying situation!

I hope this helps someone.

WordPress was updated to 4.7.5 whatever day that came out…recently…
Error Log Monitor was updated to v1.54 on June 3
Error Log Monitor was updated to v1.53 on June 2
WP Customer Reviews was updated to v3.1.3 on June 1
EWWW Image Optimizer was updated to v 3.4.0 on June 1
PixelYourSite(Inactive) was updated to v5.0.4 on May 26
Media Library Assistant was updated to v2.53 on May 26
Yoast SEO was updated (4.7.1 -> 4.8) May 23
Ultimate Social Media PLUS(Inactive) was updated to v2.6.3 on May 21
WP-SpamShield was updated to v1.9.11 on May 20
WP Performance Score Booster was updated to v1.7.2 on May 15

There may have been some updates to any of those that I don’t recall; I can only tell when the plugins were most recently updated.

Other plugins I’m using are:
WP eStore v7.4.3
WP Custom CSS v1.2
Wordfence Security v6.3.10
Wordfence Assistant v1.0.3
reGenerate Thumbnails – advanced v1.4.5
PHP Compatibility Checker v1.4.0
Old Core Files v1.4
McAfee SECURE v1.7.5
Facebook Button by BestWebSoft v2.54
Extra Shortcodes for WP eStore v4.9.4
eStore Variations UI Addon v1.9
eStore Shortcode Inserter UI v1.1
eStore Receipt Creator Addon v2.2
eStore Product Specifc Post Payment Actions v1.2
Anti-Malware Security and Brute-Force Firewall v4.16.53 (with latest definitions)

I have deactivated ALL the plugins except WordFence and the Live Traffic page came up empty. No change. So I turned them all back on. Because I get Wordfence alerts, I’m never more than 15-20 hours behind on updating plugins and WordPress to the latest version(s).

I tried switching to Twenty Sixteen. No change.

Also, none of the pages that were blocked for MSN were inaccessible to human visitors.

Steve

Update: After correcting the path to wordfence-waf.php in my local (in /public_html) php.ini file, the errors and load failures are gone. Also, the protection level instantly changed to Extended Protection and the button/link to Optimize Wordfence Firewall has disappeared (being no longer needed, I assume). It will be interesting to see if there is any improvement in performance.

I mistakenly put in:
auto_prepend_file = wordfence-waf.php
in the php.ini file in /public_html (where WordPress is installed) and got the error that kenziedlt described. Couldn’t login to the admin area. Removing the part after the = sign fixed the problem but that’s not really what I wanted. I wanted to get the Extended Protection turned on, which apparently doesn’t work unless Wordfence can find and load the file wordfence-waf.php before WordPress starts up. Yes, I made an embarrassing rookie mistake. But after correcting it, is there ANY chance of getting the Optimize process to run and activate Extended Protection. From all I have read, it would be a good feature if it worked.

Hi Jan,

Thank you very much! I was pretty suspicious based on a number of the things you mentioned. I just wanted to hear from someone else that I wasn’t being paranoid
and that they were indeed scammers. I’ve been online since ’93 and never once fallen for a scam – nor do I intend to do so!

Their “estimate” sounded too low as well. I’ll just mark their email as spam in gmail
so that I won’t be bothered by them again.

Steve

They contacted me directly by email, referencing my website by name. They said they had seen a post I’d made on a wordpress forum.

I had posted asking for help with a problem on a different website and the only reply had been a suggestion to contact the theme developer.