wfjanet

Hi @gresio64,

Thank you for reaching out.

You should be able to register here – https://www.wordfence.com/sign-in/?action=register

Please watch the video below for step-by-step instructions on how to get a Free license.
https://youtu.be/uU43V3gnL9U

Let me know in case you need any further assistance.

Thanks,
Janet.

Hi @majito,

Thank you for reaching out.

The “Cannot Modify Header Information – Headers Already Sent By” error occurs when one of your site’s .php files cannot be executed.

Some common causes that can trigger the error message include:

• Whitespaces before the <?php segment of the code or after the closing ?> tag
• print or echo statements added before the PHP header function

Open the utils.php and verify the above. If  you still have issues, you may need to reinstall Wordfence. You may find the article below helpful:

• https://kinsta.com/blog/cannot-modify-header-information-headers-already-sent-by/

Let me know how it goes.

Thanks,

Janet

Hi @forikatamas,

Thank you for reaching out.

Wordfence’s Login Security features only officially support the default WordPress and WooCommerce login/registration pages and may cause issues or conflicts with custom login or registration pages and plugins.

Since you mentioned you’re using a plugin, I would suggest we try switching the Firewall to Learning mode as it might help Wordfence allow the registration.

From the Wordfence Dashboard, click on Manage WAF. Then you will see  Basic Firewall Options > Web Application Firewall Status. Change the option to Learning Mode. Now proceed to register the new user. This will help Wordfence learn that these actions are normal, and it will allow them in the future. After you have finished the user registration, switch the WAF from Learning Mode back to Enabled and Protecting, then test to see that you can register a user.

Let me know whether this works for you.

Thanks,

Janet

Hi @justdalek,

Thank you for reaching out.

The cURL error 28 error is a common error and usually temporary

cURL errors are generated due to a problem with the cURL library on your hosting server.If the error is persistent, please reach out to your hosting provider so that they can resolve the issue on the hosting server causing the error.

Confirm that they haven’t blocked Wordfence’s scanning server’s IP address range from accessing your site. See the link below for IP addresses:

https://www.wordfence.com/help/advanced/#servers-and-ip-addresses

In the meantime, try enabling the option “Start all scans remotely” found in the “Debugging Options” section at the bottom of the “Diagnostics” tab on the Wordfence “Tools” page and see whether it helps with the scans.

Let me know how it goes.

Thanks,

Janet

Hi @mralston,

Thank you for reaching out.

Can you please confirm the time set for both Brute Force > Amount of time a user is locked out and Rate Limiting > How long is an IP address blocked when it breaks a rule? 

Do you see any blocks for the IP address on the Wordfence>Blocking page?

Let me know.

Thanks,

Janet.

Hi @bhinze,

Thank you for getting back to us. 

This is the official support site for customers using the free version of  Wordfence.

If you’ve already opened a support ticket at https://support.wordfence.com and provided all the required information, they will be able to assist you faster and more efficiently.

Thanks,

Janet

Hi @cliff_77,

Thank you for reaching out and for sharing all the troubleshooting steps you’ve tried so far.

Since this is only happening for one use, you will need to check their phone or tablet.

1) In the date and time settings on the phone or tablet make sure they are synchronized correctly to the correct date and time in your time zone.

2) Install any pending phone or tablet operating system updates.
?
3) Make sure the authentication application is using the latest version.
?
4) Remove the entry for Wordfence in the authentication application.
?
5) Turn your phone or tablet fully off and on again.
?
6) Reload the Login Security >> Two-Factor Authentication page again to create a new QR code.
?
7) Try to set it up again.

If that still fails then you will likely have to delete the authentication application and start again. If you have many entries in your authentication application that can’t be backed up then you could try a separate, different application just for Wordfence.

Let me know how it goes.

Thanks,

Janet

Hi?@jaiab,

Thank you for reaching out.

You can clean the site by using the following guide: https://www.wordfence.com/docs/how-to-clean-a-hacked-wordpress-site-using-wordfence/ 

Make sure and get all your plugins and themes updated and update WordPress core, too. As a rule, any time I think someone’s site has been compromised, I also tell them to update their passwords for their hosting control panel, FTP, WordPress admin users, and database. Make sure to do this because attack vectors around your hosting or database environments are outside of Wordfence’s influence as an endpoint firewall.

Additionally, you might find the WordPress Malware Removal section in our Learning Center helpful: https://wordfence.com/learn/ 

If you’re unable to clean this on your own, there are paid services that will do it for you. Wordfence offers one and there are others. Per the forum rules, we’re not allowed to discuss Premium here, but please reach out to us at [email protected] if you have any questions about it.

Regardless, if you choose to clean it yourself or let someone else do so, we recommend that you make a full backup of the site beforehand.

Thanks,

Janet

Hi @akramipro,

Thank you for reaching out.

Our IP addresses are as listed here:

https://www.ads-software.com/support/topic/whitelist-wordfence-ip-addresses-2/

You got the IP addresses correctly. Can you please give me more details on the issue you’re having?

I’ll be happy to help.

Thanks,

Janet.

Hi @bhinze,

Thank you for reaching out.

Have you tried the troubleshooting steps on the links below?

https://www.wordfence.com/help/scan/troubleshooting/#scan-process-ended-after-forking
https://www.wordfence.com/help/central/connect/#troubleshooting-connection-issues

If so, please do the following so I can get the information I need to help you?

• Stop the existing scan if it is still running (The “Start New Scan” button turns into a “Stop” button while the scan is running).
• Go to your Wordfence > Scan > Manage Scan and locate the “Performance Options” section. Set “Maximum execution time for each scan stage” to 20. 
• Click to “Save Changes”.
• Go to the Tools > Diagnostics page.
• In the “Debugging Options” section check the circle “Enable debugging mode”.
  If “Start scan remotely” is checked, uncheck this option.
• Click to “Save Changes”.
• Start a new scan on the Scan page.
• If the scan fails again, copy the last 20 lines or so from the Log (click the “Show Log” link) once the scan finishes and paste them in the post.

On some sites, this will correct the issue. Adding “20” for the “Maximum execution time for each scan stage,” tells the scan to pause every 20 seconds and start again where it left off, which makes the scan more performance-friendly for some servers. If this fixes the issue and scans run again, you can leave all the settings above except for “Enable Debugging Mode”.

For a screenshot of my recommended Performance setting options?click here.

Thanks,
Janet

Hi?@wfrontew,

Thank you for reaching out.

In Wordfence > Login Security > Settings, there are two input boxes for the reCAPTCHA v3 Site Key and the reCAPTCHA v3 Secret. Have you set up the key and secret here?

You can obtain these by signing up your domain(s) to reCAPTCHA v3 at: https://www.google.com/recaptcha/admin/create

In most cases, this functionality fails on custom login pages. Since you mentioned you’re using the standard login pages, there’s a possibility that your server is not able to reach the reCAPTCHA API. From the command line interface on your hosting server, send this cURL request:

curl https://www.google.com/recaptcha/api/siteverify

You should see this output below for a successful connection:

{

??"success": false,

??"error-codes": [

????"missing-input-secret"

??]

}

Let me know how it goes.

Thanks,

Janet

Hi @chrisgar,

Thank you for reaching out to us and for sharing all the steps you’ve taken so far.

Can you send a diagnostic report to wftest @ wordfence . com? You can find the link to do so at the top of the Wordfence > Tools > Diagnostics page. Then click on “Send Report by Email”. Please add your forum username where indicated and respond here after you have sent it.

NOTE: It should look as follows – Screenshot of Tools > Diagnostic > Send by Email

Thanks,
Janet

Hi @grl570810,

Thanks for reaching out.

Whilst we are constantly working on making the plugin faster, perform better, and use less resources, there are factors that will affect performance such as hosting your site on a shared server. Wordfence’s scan does make a lot of database queries as it runs, but they’re generally simple/fast ones that tend not to cause problems for our users.

The best ways to make sure performance won’t be a problem are:

• Ensuring the memory allocated to PHP is sufficient (most hosts set it to 256M).
• The site isn’t running an excessively high amount of plugins.
• That you are using PHP 7.4 or above.

I would also recommend reading our scan troubleshooting guide and system requirements which highlights PHP versions, recommended settings, and troubleshooting memory/CPU issues in more detail.

You could also try Wordfence > Scan > Manage Scan > Performance Options > Use low resource scanning, along with setting Maximum execution time for each scan stage, found just below to 20 to see if that helps at all.

Thanks,

Janet.

Hi @leofe,

Thank you for reaching out.

We have seen possible issues installing keys automatically more than 24 hours after generation. Additionally, if you are in a different browser than the one used when requesting your Free Wordfence license, you will be unable to automatically install it. In those cases, you will need to manually copy and paste the key from the email to complete the activation of Wordfence Security.

Aside from verifying that you did not copy only part of the license key, I would check whether you can install the license when Wordfence is the only active plugin on your site. There could be a Javascript conflict with another plugin potentially stopping the code executing the verification check.

In some cases, disabling caching plugins resolves the issue.

Let me know how it goes.

Thanks,

Janet

Hi @startechmarketing,

Thank you for reaching out.

Please try the below:

From the Wordfence Dashboard click on Manage WAF. Then you will see?Basic Firewall Options > Web Application Firewall Status. Change the option to?Learning Mode. Now perform the actions that were causing issues. This will help Wordfence learn that these actions are normal and it will allow them in the future.

After you have finished performing the actions, switch the WAF from Learning Mode back to?Enabled and Protecting. Now test to see if these actions work correctly.

https://www.wordfence.com/help/firewall/learning-mode/ is an amazing resource for learning more about the WAF and learning mode.

Let me know if this works for you.

Thanks,
Janet.