wfmark

Hi @kitka ,

For the administrator role, only two options are available, Optional and Required due to the sensitivity of the role. If an account with administrator level access is compromised, it could cause a lot of damage to the site.

If you don’t want 2FA for administrators choose  Optional – This means admins can use 2FA, but is not required to enable it. So administrators can use 2FA only if they want to. 

Thanks,

Mark

Hello?@ibrahimk53 , and thanks for reaching out to us!

Thanks for reaching out. ?I’m happy to provide you instructions on how to get back in. ?

If you have lost or replaced your old phone and can no longer access your site(s), and you have misplaced the 2FA backup codes, there are 2 ways to get back into the site.  

• Please use?FTP/SFTP?— or any file manager your web host provides via their administration panel. ?
• Look inside the?/wp-content/plugins/?directory and rename the?wordfence?directory to?wordfence.bak. This will deactivate Wordfence and allow you to login without the 2FA code. ?
• Once you have logged in to your WordPress admin you can name the folder back to?wordfence?again. ?
• Go to your user profile and add 2FA back to your account, making sure to download the backup codes in case of problems in the future.

Let me know if this helps.

Thanks.

Hello @mayaeadie, and thanks for reaching out to us!

I’m happy to provide you with instructions on how to get back into your site. Follow these steps:

• Please use FTP/SFTP — or any file manager your web host provides via their administration panel.
• Look inside the?/wp-content/plugins/?directory and rename the?wordfence?directory to?wordfence.bak.
• Once you have logged in to your WordPress admin you can name the folder back to?wordfence?again.
• Refresh your dashboard and you should be able to see Wordfence Active again. If not, go to the Plugins page and Activate it.

If you are not receiving emails, the unlock emails actually come from your website and not our servers. If you aren’t getting emails then you might want to check:

• The emails (they come from?[email protected]) are getting sent to your junk mail folder by your email client or provider. Make sure and whitelist or add your website to the list of safe domains so you get emails consistently.
• Your web server is having a problem with the email software on it. This isn’t like regular emails you send and receive, but rather server alert messages. Usually, a restart of postfix or sendmail (whichever is installed) can fix it. Your hosting provider may need to help with this.
• Your hosting provider has disabled SMTP from the server for some reason like preventing the server from being used to spam people.
• You have a third party plugin for sending emails with another service, like Gmail, which isn’t working. Reaching out to the plugin author for support can help.

Thanks,

Mark.

Hi @jeriss , thank you for reaching out.

The size of the tables (wffilemods and wfknownfilelist) may be explained by the number of files being scanned. Do the database tables double in size every time a scan runs? If not, you should be good to go if the scans are working.

wp_wffilemods and wp-wfknownfilelist?should be truncated at the start of new scans. If you visit?Wordfence > Tools > Diagnostics > MySQL, are your privileges to INSERT, UPDATE, TRUNCATE etc. here reporting back as OK? It should be safe to empty the tables as it’s meant to happen next time a scan runs, but the size.

Thanks,

Mark

Hi?@motiveagency, thanks for reaching out to us about this issue.

Which authenticator app are you using? The reason I ask is that when the time offset seems fine, we have seen specific authenticators give different results. Confirming whether another authenticator also fails would be good to determine the cause.

Please try using Google Authenticator, Microsoft Authenticator, Authy, etc. Here is a list of apps we’ve tested:?https://www.wordfence.com/help/tools/two-factor-authentication/#how-to-enable-two-factor-authentication

Thanks,
Mark.

Hi @mosadekur, thanks for reaching out.

Wordfence licenses are based on how many WordPress installations you will protect. ?The amount of domains does not matter since you can have several domain names pointed to the same WordPress installation. ?To simplify it:
*? If you have a single WordPress site (only one set of WordPress installation files) you only need one Premium, Care, or Response license. ?
*? If you have created a network of sites using?WordPress multisite?(where many WordPress sites share the same set of WordPress installation files) then only one Premium or Free license is needed to cover all the sites in the multisite with Premium or Free protection. ?Also, in a WordPress multisite installation Wordfence is installed and configured in the?/network?admin area and not in the individual subsites. ?
*? If you have several WordPress sites, each with its own set of WordPress installation files, you would need a Wordfence license for each site. ?

Thanks,

Mark

Hi @kristinubute , Thank you for reaching out.

For the xmlrpc.php login attempt, please confirm that you have selected the option Disable XML-RPC authentication under Wordfence>Login Security> Settings.

When users are blocked by Brute force protection or Rate limiting, blocks normally expire after the amount of time set under WordFence> Firewall> Manage Brute Force Protection > Amount of time a user is locked out or WordFence> Firewall> All Firewall options > Rate Limiting> How long is an IP address blocked when it breaks a rule respectively.

To make the blocks permanent, navigate to Wordfence > Firewall > Blocking. Select the checkbox next to the block associated with the IP address and click on Make Permanent.

However, the attacker  may have access to a large pool of IP addresses and hostnames if you block them and change their tactics so they can easily circumvent your blocking rules. Wordfence does all of the important blocking for you automatically so you don’t have to, but if you wish to make your brute force protection settings a little stricter so that they can’t retry as frequently, for example reducing login failures to 3 or 5 instead of the default 20 or increasing the Amount of time a user is locked out, you might find the following links useful to learn some more:

https://www.wordfence.com/help/firewall/brute-force/ 

Let me know if you have any further questions.

Thanks,
Mark.

Hi @swervedesigns, Thanks for reaching out.

To change the email address, please navigate to Wordfence > Dashboard > Global Options page on your website in the General Wordfence Options section where it says “Where to email alerts”. Don’t forget to save the changes before leaving the page.

Thanks,

Mark

Hi?@johnleenci , thanks for getting in touch.

Could you please check whether you can install the license when Wordfence is the only active plugin on your site? A Javascript conflict with another plugin could potentially stop the key verification from communicating with our servers.

Let me know if it still doesn’t work.

Thanks,

Mark.

Hi @matk33,

Thank you for reaching out and sharing this with us.

We will keep this in mind for any similar issues that come up for customers with a similar setup.

Thanks,
Mark.

Hi @takasur, thanks for reaching out.

Can you send a diagnostic report to wftest @ wordfence.com? You can find the link to do so at the top of the Wordfence Tools > Diagnostics page. Then click on “Send Report by Email”. Please add your forum username where indicated and respond here after you have sent it.

Thanks,

Mark.

Hi @ctrlinternet, thanks for reaching out.

Please use the trash icon under the Connection Issues tab in the Wordfence Central tool in your wordfence.com account to remove the site.

In the plugin, expand the Other Tests section on the Wordfence Tools >> Diagnostics page and press the button Clear Local Connection Data.  You will need to have at least Wordfence version 7.11.3 installed to see this option.

Now try to connect to Wordfence Central from the?Wordfence Central Status?widget on the Wordfence plugin?Dashboard?page.

If that doesn’t work, please follow our guide below for Cloudflare:

https://www.wordfence.com/help/central/connect/#troubleshooting-connection-issues

Kind regards,

Mark.

Hello @walletup , and thanks for reaching out to us!

I would suggest changing the Wordfence Web Application Firewall into Learning Mode. From the Wordfence Dashboard, click on Manage WAF. Then you will see Basic Firewall Options > Web Application Firewall Status. Change the option to Learning Mode. Now confirm that you can submit the publication. Once done, switch the WAF from Learning Mode back to Enabled and Protecting and test to see whether it works..

https://www.wordfence.com/help/firewall/learning-mode/ is an amazing resource for learning more about the WAF and learning mode.

Let me know in case the above doesn’t solve your issue.

Thanks,

Mark.

Hi?@corsifotoverona , sorry to see you’re having problems installing Wordfence.

An error on port 443 means your server can’t see ours so we need to find out why.

Have you tried all of the troubleshooting steps on the following page?: https://www.wordfence.com/help/api-key/#installing-your-free-license-key

I only ask to ensure the common problems have been tried first. You should still have access to the Wordfence > Tools menu to send us a diagnostic report if the link above hasn’t helped, so we can take a closer look at possible communication or configuration problems. You can send that to us at wftest @ wordfence . com. Click on “Send Report by Email”. Please add your forum username where indicated and respond here after you have sent it.

NOTE: It should look as follows – Screenshot of Tools > Diagnostic > Send by Email

Thanks,

Mark.

Hi, @beingbaban, Thanks for reaching out.

An increased attack rate would happen for one primary reason – attackers are more active. Most likely, someone ran a script against your site to see if they could find a security hole. Since all of the requests were blocked, there is nothing you need to do.?

You can also disable this email if you want since there is no action you need to take when attacks increase. It’s more of a notification for people who may want to dig further. But that would be more out of curiously that necessity. If you want to disable the option, it’s called “Alert me when there’s a large increase in attacks detected on my site” and you can find it by searching at the top of the Wordfence “All Options” page.

Unfortunately, large attack rates is an everyday occurrence on WordPress sites. That is of course precisely why developed Wordfence.

For the sites with a premium license, please open a support ticket at https://support.wordfence.com. They will be able to assist you faster and more efficiently.

Thanks,

Mark.