wflandon
Forum Replies Created
-
Hi ChangeAgent,
Are you still having issues with this on version 6.1.8?
Thanks for the info!
I am going to go ahead and mark this resolved. If I have feedback or questions from the dev team, I will update the post.
Thanks again.
Hi mengsel,
I will pass this on to the development team.
Thanks for the info!
Hi frigginusername,
Sorry for the trouble. This is a known bug we are working on.
During the Firewall Learning mode, If there had been a form submission, and the signature field had been used, it should have added the transaction to the whitelist rules.
The way you handled it was a good solution. For future reference, if you see something like that again, try putting the Firewall back in Learning Mode. It should see these actions as normal and not be an issue when the Firewall goes into active mode.
Thanks for the info!
Hi mklusak,
As much as I would love it if it were different, security is ever changing and evolving. There is always someone somewhere looking for the next big exploit. A lot of the times our researchers find these and add them to the signatures we scan for but sometimes they are found ‘in the wild’ by users like you. Any time you find them you can forward them (zipped or attached with .malware or .hack appended to the filename) to [email protected].
Hi arcarcane2012,
Sorry for all the trouble. I would agree with you that transferring sites with Wordfence is tricky right now. The Firewall is still a pretty new feature that we are continually working on.
Thanks a lot for the info. The more info the better. Helps us out with troubleshooting. We are looking into possible solutions for this, and better documentation as well.
Thanks again.
Hey Guys,
Is this still an issue for you on version 6.1.8?
Hi Herbert van-Vliet,
How often does this setting reset? I cannot find any other reports of this issue. Try checking the “Disable config caching” option at the bottom of the Wordfence Diagnostics page and see if that helps.
Let me know how it goes.
https://www.evernote.com/shard/s481/sh/6a580725-92d4-49a6-a1e0-a27c9c2ef604/55d95eeacfebd16f
Hi JohnP,
The first error sounds like permissions, but the database error 28 is typically related to running out of storage space. So the root of the problem may be your disk is getting full. Check into that first and let me know.
Not having access to support is one of the downsides of premium plugins in premium themes. Also, it is often more difficult to keep them updated. Which can become a problem.
Glad you got it working!
Hi electroset,
I am not sure why Wordfence is not finding those, but we will look into it.
It does seems to be an exploit of some kind. You should read this thread. https://www.ads-software.com/support/topic/link-templatephpsuspected/page/2?replies=60 There are some suggestions in there on how to clean your site. You can also contact your host to see if they can help identify the source of the problem.
Forum: Plugins
In reply to: [Wordfence Security - Firewall, Malware Scan, and Login Security] Curl errorHi sterndata,
Wordfence has a fallback if curl is not available. So it must be available but failing. This is either a bug with WordPress, or Wordfence will need to be changed before the next release. I will pass this on to the dev team and see what they say.
Wordfence firewall is fast because it catches requests before WordPress loads / fully loads. However, it is using server resources, and the request has already been handled by your web server before getting to Wordfence.
If it is just a few IPs, you could have your host block them. You could also block them via .htaccess which would be a slight speed improvement and would probably use less server resources.
A CDN / DNS type firewall, like CloudFlare, would block these requests before hitting your server, saving resources. However, I am not sure it would be much faster than your host blocking them. I would think CloudFlare firewall rules would be more difficult to implement, but I have never thoroughly looked into it. You might do some research and see what you think. If you do go with CloudFlare, make sure you change the “How does Wordfence get IPs” option. https://www.evernote.com/shard/s481/sh/e8b22c21-3fe5-4e5a-b064-d7b35e1d7c96/4b34401ed1168c08
Hi 2olive, this was working correctly for you before the latest update?
@creatura85, has this functionality worked as desired in a previous version?