wfchristian
Forum Replies Created
-
Hello @corl , Glad I could help!
I recommend putting the Web Application Firewall Status at Enabled and Protecting instead of learning mode for the best security. Learning mode is mostly used if Wordfence and another plugin have a conflict and you are seeing a lot of false positives.
Thank you,
Christian
Hello @corl , Thank you for reaching out.
The file path should work with no quotes around it. That is assuming you are using an interface on the host panel which it sounds like that is what they are using.
When you set the auto_prepend_file, wait about 5 minutes and then check Wordfence > Firewall > Manage WAF and see if the firewall is optimized.
If you want me to check it you can send me a diagnostic and I can check if it is optimized. You can send the diagnostic report to wftest @ wordfence . com. You can find the link to do so at the top of the Wordfence > Tools > Diagnostics page. Then click on “Send Report by Email”. Please add your forum username where indicated and respond here after you have sent it.
NOTE: It should look as follows – Screenshot of Tools > Diagnostic > Send by Email
Let me know if this helped, thanks again!
Christian
Hello @dawoodward , thank you for reaching out.
Can you navigate to Wordfence > Login security and navigate to the bottom of the page, there should be three times listed, do they all match?
If they do, I would try to test it using an alternative authenticator such as Authy or 1Pass to see if the issue is with Google Authenticator.
If all of this fails can you send a diagnostic report to wftest @ wordfence . com? You can find the link to do so at the top of the Wordfence > Tools > Diagnostics page. Then click on “Send Report by Email”. Please add your forum username where indicated and respond here after you have sent it.
NOTE: It should look as follows – Screenshot of Tools > Diagnostic > Send by Email
Let me know if this helps, thanks again!
Christian
Hello @amwest97 , Thank you for reaching out.
Looking at the error, nothing is being blocked but the scan is still unable to properly complete. A diagnostic might help me identify the issue.
Can you send a diagnostic report to wftest @ wordfence . com? You can find the link to do so at the top of the Wordfence > Tools > Diagnostics page. Then click on “Send Report by Email”. Please add your forum username where indicated and respond here after you have sent it.
NOTE: It should look as follows – Screenshot of Tools > Diagnostic > Send by Email
Again thank you for reaching out.
Christian
Hello @xmcamino23 , Thank you for reaching out.
It appears that you went through the proper procedure for disabling the Wordfence plugin. I attempted to access the /wp-admin page and got the same result. If this 500 error persists with Wordfence disabled I would reach out to your hosting provider, they should be able to get you back into the admin page.
Let me know if this helps fix the issue. Thanks again for reaching out!
Christian
Hello @kikeconk , Thank you for reaching out.
If you cannot locate the IP in the Wordfence > Firewall > Blocking page, then the IP shouldn’t be blocked. It could be a cache issue on the user’s end. Can you have them try to log in from a different browser to test?
As for your second question, it sounds like the Brute Force settings might be set too strict. You could navigate to Wordfence > All Options > Brute Force Protection and adjust any settings you might need there. I often recommend the following settings:
Lock out after how many login failures 5
Lock out after how many forgot password attempts 5
Count failures over what time period 30min
Amount of time a user is locked out 30min
For more information on Brute Force Protection, you can view our documentation:
https://www.wordfence.com/help/firewall/brute-force/
Let me know if this helps. Thanks again!