Welcome

Hi all.

Wordfence launched 48 hours ago. We’re exhausted, but already have over 120 installs. Please post your questions and comments here and we’ll get to them as fast as we can.

Welcome to Wordfence.

Hi,

I keep getting the following error when I run scans:

[error : 0.0100 : 52 mins ago] curl_setopt() [function.curl-setopt]: CURLOPT_FOLLOWLOCATION cannot be activated when in safe_mode or an open_basedir is set (2) File: /home/…/domains/…/public_html/wp-content/plugins/wo

It doesn’t appear to be causing any serious problems, and from what I can tell the program is running great, but I was just wondering how I could fix that error. Any ideas?

Thanks!

Thanks for reporting this Chris. It is a warning and nothing to worry about. However it’s not pretty, so we’ll get rid of it in the next release.

Mark.

Thanks Mark!

Are there any other security related plugins that you would recommend for WordPress, perhaps which might compliment some of the features that Wordfence currently offers?

As an aside, I just started using Wordfence yesterday, and already has helped me to catch a few things that would have gone by unnoticed. So, thanks! Keep up the good work.

Thanks Chris. We try to be the only security plugin that you will need. We offer, as far as I’m aware, all the necessary features to run a secure website. If there is a feature that you know of that we don’t offer, please let me know so that I can include that in Wordfence.

Regards,

Mark.

Some of the other plugins say that they add index.php to the wp-content, wp-content/plugins, wp-content/themes and wp-content/uploads directories in order to prevent directory listings.

Does Wordfence do this? Do you think that this is a necessary thing to do?

Chris,

WordPress core already adds these index.php files to all directories excluding the uploads directory. We will chat about adding it to the uploads directory so thanks for this. There may also be a more elegant way to prevent directory listing through .htaccess or another method, rather than creating index.php files, so we’ll explore that.

Regards,

Mark.

Hi Mark,

Sorry to keep bothering you, but I have another question. Since I installed your program last night it has caught one guy who seems to be testing my WordPress install, and keeps trying passwords on different accounts. Luckily now that I have Wordfence these attempts are being blocked, and his IP address is being banned, but it is only temporary, and then after the time limit is over it looks like he comes right back and starts trying again. Is there any way to use Wordfence to ban specific IP addresses permanently, or is this something that you could integrate at some point in the future?

Thanks,
Chris

Thanks Chris. That’s a good idea. I’ve added it to our list.

Regards,

Mark.

Hey Mark,

I just got restricted from my own site somehow, and I’m not sure what to do. Everything was fine, but then when I tried refreshing my admin panel all of a sudden I started getting this message a few minutes ago. Help?

Service Unavailable

Your access to this service has been temporarily limited. Please try again in a few minutes. (HTTP response code 503)

This response was generated by Wordfence.

Ok, I had a friend who is also an administrator unblock my IP address, which the system had blocked as being a fake Googlebot. Is there any way to exclude my IP address so that this doesn’t happen again in the future? If I put it in the section that says “List of comma separated IP addresses to ignore:” will that do the trick, or will that just stop logging my traffic? That was a bit scary.

Sorry to hassle you all day.

No problem.

We’re working on a whitelist and also a way for admin’s to unblock themselves without compromising security. I’d recommend disabling blocking fake Googlebots for now. We should have a release out tomorrow with whitelisting and a way for admin’s to unlock/unblock themselves if they’re accidentally blocked.

Regards,

Mark.

Awesome! I just signed up for a premium account in order to show my support. Once again, keep up the good work.

Thanks Chris. :-)