Questions tagged [wordfence]
18 questions
3
votes
1 answer
How do I allow Netlify continuous integration to get past Wordfence firewall?
I have a static Gatsby site that uses WordPress for it's back end. I also have the WordFence plugin installed to prevent hackers from causing havoc. I started out without WordFence installed, the site got hacked, and we had to scrap the whole back…
Daniel Tonon
- 9,261
- 5
- 61
- 64
2
votes
2 answers
Wordpress warning - Backdoor:PHP/numeric.rce.8527
I have been looking at the Wordfence scan results on my site this morning and see 17 instances which seem to imply malware has ben installed on the server. I would be surprised if this were to be the case but wanted to be sure:
One…
PaulC
- 61
- 4
1
vote
0 answers
something is changing .htaccess file periodically
The content of .htaccess file get changed from the typical content made by WordPress to this :
# Apache 2.4+
Require all denied
# Apache 2.2
Deny from all
This…
Mohammed Etikar
- 11
- 2
1
vote
1 answer
How to disable auth verification email send, from Wordfence?
In Wordfence documentation says:
"The filter “wordfence_ls_require_captcha” can be used to disable the CAPTCHA in circumstances of your choice. This may be useful for plugins that contain REST endpoints with authentication that should not require a…
Kiriakos Grhgoriadhs
- 299
- 2
- 3
- 22
0
votes
1 answer
How to limit the number of color choices in WooCommerce filter_color?
I have a store site. Recently, bots with different IPs are sending malicious requests to my host with the aim of making the site unavailable and the site will get a 500 access denied error, for example, they send a URL with 5 colors in filter_color=…
ali
- 1
- 1
0
votes
0 answers
WordPress malware returns Even After Deleting and Reinstalling WordPress Afresh
Hello Wordpress experts,
I have been facing a problem with my wordpress website and don't just know what to do again.
I have removed wordpress malwares from several site successfully before now but this particular site is totally confusing right…
spottykay
- 9
- 1
0
votes
0 answers
http hits: wordfence/v1/authenticate
Recently, I’m getting hits like this:
/wp-json/wordfence/v1/authenticate?
(Followed by a string of numbers) about once an hour.
This is only happening on my AWS Lightsail (Bitnami) sites.
These appear to be coming from Wordfence, and I assume they…
Mike Witt
- 1
- 2
0
votes
1 answer
How to avoid WordFence block for ajax calls in custom WordPress plugin
I am beginner developer and I am developing a custom wordpress plugin and the code itself worked as expected until we installed WordFence plugin for security issues.
After WF installation every other plugin on the website works smoothly as before,…
Mihael Manolov
- 70
- 8
0
votes
0 answers
Unknown file in WordPress core: wp-admin/vZMw71yHdJQtdmHIRokAlLi7YAku9VfwxKPzNFBazQQ Type: File
Wordfence just scanned my wordpress website and foud the following file changes
Unknown file in WordPress core: wp-admin/vZMw71yHdJQtdmHIRokAlLi7YAku9VfwxKPzNFBazQQ
Type: File
Issue Found April 25, 2023 10:56 am
High
After I checked in my directory…
0
votes
0 answers
Wordpress website redirecting to some anonymous links
My new WordPress website seems to be redirected to some anonymous links and i installed wordfence plugin and start scanning and there found some errors and those fixed also. But currently in wordfence scan my website is perfectly okay. But the…
suha
- 1
- 1
0
votes
0 answers
A client's WordPress scanner shows the presencce of trojan.js.imgfake malware in an image that resided in wp-content/uploads folder. What is it?
A client uploaded an Unsplash image to his Wordpress website back in February. Yesterday, a little known virus scanner flagged the image as having trojan.js.imgfake malware. What is it and why is there no information on the internet about this…
Marifur Rahaman
- 1
- 1
0
votes
0 answers
SELECT name, val FROM wp_wfConfig WHERE autoload = 'yes'
I have got a report by my webhost and he told me that there is a key or something in the database that creates many many thousands of queries. I dont know how to understand this report. Maybe someone can help me? I think it has to do with wordfence…
AFalk
- 1
0
votes
0 answers
Is return unserialize(base64_decode($settings)) malicious?
Wordfence is highlighting this as a malicious code:
function customFiltersSettings() {
$settings = get_option('wp_custom_filters');
if (!$settings) {
return null;
}
return unserialize(base64_decode($settings));
}
This…
fivexi8617
- 43
- 1
- 7
0
votes
2 answers
cannot wordpress admin login with disabled wordfence
i have multisite wordpress (version 5.7.2) with wordfence plugins installed.
after several days not logged in i found email notification from wordfence reported that people try login using admin account but unsuccessful.
i try to login by myself too…
rendang pyk
- 3
- 1
-1
votes
2 answers
Wordfence: A potentially unsafe operation has been detected (http response code 403)
I have implemented a question and answer forum for programming questions using WordPress.
Wordfence plugin is installed on my WordPress system.
Content of posts have programming code with syntax highlighter.
ِData are inserted as AJAX request.
The…
Mohsen Movahed
- 418
- 5
- 22