NilsOstergren
Forum Replies Created
-
Thanks for the info! “Problems found” was confusing, but is “Ignored” really an improvement? Hard to interpret “Ignored” as something else than that scanning was ignored.
Forum: Plugins
In reply to: [iQ Block Country] Conflict with Wordfence?Thanks @iqpascal
Wordfence answered “I think it’s worth to give it a try” here https://www.ads-software.com/support/topic/conflict-with-another-plugin-31/
Thanks. So I guess “can’t run alongside Wordfence” in the Wordfence documentation
https://docs.wordfence.com/en/Plugins_that_might_have_issues_and_solutions_to_them should be “may not run alongside Wordfence”.Maybe it’s also worth noting what the plugin author have said here: https://www.ads-software.com/support/topic/conflict-with-wordfence-8/
“Other plugins may indeed conflict if they use the GeoIP library. I’ve altered the library in a way it should not conflict with any other party.
No guarantee for the future. The GeoIP library is a standard library with standard functions if they alter functions for their use Wordfence may not work.”Sorry, I have now found the option in the settings page.
I encounter the same thing: “…although the scan summary section near the top of the screen reported that problems had been found comparing plugins against the originals nothing was listed in the new issues section at the bottom of the screen so I don’t have any files to compare.”
Thanks! Well, I really thought I was covered since I have taken all the precautions I can mentioned in the articles you refer to.
Hi @wfsupport,
I have the same problem and would like to have an answer to “how to properly whitelist a URL in the Firewall page”.
Thanks,
/NilsOne more thing:
When I press the “Block this IP” button on the 3-times-visitors mentioned above, they show up on the page “Wordfence Blocked IPs” as they should. But it says “2 hits before blocked”. Shouldn’t it be 3?
My site has two users. I’m both (admin and user with limited rights).
The IP address from which I connect to the server where my WP-installation is running is whitelisted and bypass all rules. But my IP address is not the same as the one that is shown in the three entrys from Pakistan that are shown in Live Traffic.
The blacked out username in the third wisit from Pakistan shown in my screenshot is not the Admin’s username. It’s the limited user’s.
I have “Don’t let WordPress reveal valid users in login errors” enabled.
In Live Traffic I can right now see many similar entrys (15 within 12 hours) marked grey (bots according to WFs color scheme) where an IP address is logged three times in a row as
1: visiting /xmlrpc.php
2: visiting /wp-login.php
3: adding “Nils” to the name of the place of origin and attempt a failed login with the username of my sites only limited user.No one of the IP addresses behaving like that that I can see right now (from India, Turkey, Portugal etc) are within ranges I have blocked. So right now I can’t show you entrys that should have been blocked immediatly.
I can add that in Options I have set “Lock out after how many login failures” to one (1). And i have the plugin Disable XML-RPC enabled.
- This reply was modified 7 years, 11 months ago by NilsOstergren.
- This reply was modified 7 years, 11 months ago by NilsOstergren.
- This reply was modified 7 years, 11 months ago by NilsOstergren.
- This reply was modified 7 years, 11 months ago by NilsOstergren. Reason: Adding details
Yes. And a user.
- This reply was modified 7 years, 11 months ago by NilsOstergren.
Hi again @wfalaa
I have screenshots of the same thing happening again and I publish them here instead of opening a new ticket as I wrote earlier.
So I have a range blocked as you can see in the screenshot below. No hits are registered.
But an IP number within that range shows up in Live Traffic marked grey (bot), not as Blocked.
Bug?
EDIT
Can’t make the screenshots show in this post. Direct links here:Advanced blocking
https://www.dropbox.com/s/xybaucu9gd08vat/AdvancedBlocking.png?dl=0
Live Traffic
https://www.dropbox.com/s/z1gxmdtub3zq8i3/LiveTraffic.png?dl=0- This reply was modified 7 years, 11 months ago by NilsOstergren.
- This reply was modified 7 years, 11 months ago by NilsOstergren.
Ah, thanks. But why example.com/xmlrpc.php? I thought anyone hitting anything with xmlrpc (which I have disabled) had bad intentions.
Would it be a bad idea to blacklist URLs that contain “wordfence_log”?
I meant password protect public_html.
I will try to reproduce the problem and create a new ticket if I succeed.
It might have been so that the moment the blocked IP address was shown as a bot, coincided with that I was experimenting with password protection at the web server (I’m not shure I’m expressing this right in English). If that can be an explanation I guess this ticket can be marked as solved.