wfyann

Hi @hellfyr,

You’re receiving this alert because the “Alert me when someone with administrator access signs in” option is enabled (on the “Wordfence –> Dashboard –> Global Options” page, in the “Email Alert Preferences” section).

Regarding removing/resetting Wordfence, please see this article from our documentation.

Hi @digitalie,

You should be prompted to include this within our “wordfence-waf.php” file which should maintain compatibility with your site, or you can opt to override the existing PHP setting.

However before choosing either option please check with your hosting provider if this “prepend.php” file is part of their standard install and if it is actually used for any purpose within your environment.

Hi @maggieymae,

In case PHP error logging is enabled on your site, can you please check the PHP logs to see if there are any errors around the time the issue occurs?

If not, could you enable WP_DEBUG and check the generated file? –which should be accessible from the “Log Files” section of the “Wordfence –> Tools –> Diagnostics” page.

Hi @gohanman,

That “5 years old” statement was more of a general recommendation. Sorry if it caused some confusion.

In case you still see/receive that alert after the next Wordfence update or if your host is having trouble connecting to our servers, please let us know and we’ll be happy to further assist you.

Hi @martychc23,

The “Real-Time IP Blacklist” is available in our Premium version; and in accordance with the WordPress forum guidelines we aren’t allowed to discuss Premium features here.

I suggest you contact us via email (presales[at]wordfence[dot]com) so we can further assist you.

You can also find more information on our website.

Hi @anjananath,

I can confirm that this modification is not performed by Wordfence.

I suggest you check with your hosting provider if this could be caused by some automated process on the server.

Also please look into our site cleaning guide in order to perform a thorough verification of your site’s integrity.

You can also find advice on how to harden your WordPress site in our Learning Center.

Hi @srd75,

What you could try here is either:

• Temporarily switch the Firewall Status to “Learning Mode“
• Force Wordfence to completely (and permanently) ignore what happens in the subdirectory by placing a “.user.ini” file with “auto_prepend_file = none” in it. –as discussed in this topic

Let me know if that helps.

Hi @gohanman,

Thank you for bringing this up.

Our developers are aware of this issue and a fix will be implemented in the upcoming version (7.1.4).

Wordfence does support OpenSSL 1.0.1; you can find more information in our documentation.

Hi @360sms,

Thank you for leeting me know!

I’m glad everything is now working fine.

Hi @iteamwp,

The email alerts are generated when the scans report issues so unless you run a new scan the reason for the suggested update won’t be reassessed and therefore no new email alert will be sent until a new scan is executed.

It’s not that we perform specific checks on our side, rather we update our list of known vulnerabilities by pulling information from an official source; our servers are updated at least once a day.

Sometimes a plugin author fixes a vulnerability that hasn’t been reported yet and in such case official sources for vulnerabilities do not report the issue.
Regarding the time frame; again it all depends on when the security issue gets confirmed/validated. We have no control over that.

You can check these resources for more information on known vulnerabilities: National Vulnerability Database (NVD), CVE.

Hi @shirtsngiggles,

Are there any errors in the PHP log file or web server error log?

Could you please temporarily enable WP_DEBUG and check any generated log files? (see the “Log Files” section on the “Wordfence –> Tools –> Diagnostics” page)

Hi @bannec,

I believe you got in touch with our Premium Support team regarding this issue so I’m marking this topic as resolved.

Hi @iteamwp,

We do mark plugins as being vulnerable when we know for certain they are.

Unfortunately we can’t rely on authors’ changelogs for detecting vulnerabilities, because there are too many inconsistencies (for example, they might mention “security hardening”, which isn’t necessarily a vulnerability fix) and some authors maintain changelogs outside of www.ads-software.com or commit changelogs in a non-standard way.

Once a vulnerability is officially confirmed we update our servers’ list of known vulnerabilities which then allows scans to accurately report the issue.

I confirmed the “UK Cookie Consent” plugin now shows a critical scan result with a link about the security fixes for version 2.3.9 -> 2.3.10.

Thanks for the update, @lordsnake.

I’m glad we cleared up this mystery!

Hi @srd75,

Could you please:

• Go to the Wordfence Tools page
• Click the Diagnostics tab
• Hit the Send Report by Email button
• Send the report to yann[at]wordfence[dot]com

Also, on that same Wordfence Tools page, scroll down to the “Debugging Options” section (bottom of the page) and tick the “Enable debugging mode” box –make sure to hit the “Save Changes” button.

Then run a new scan and once it stops, click the “Email Activity Log” link and please send it to the aforementioned address.

Make sure to disable the debugging mode after you’ve carried out the above steps.

Thank you.