Plugin / Theme Conflicts

This is a list of plugins and themes that are currently known to us that can or do conflict with the Wordfence plugin.

This is a list of plugins and themes in alphabetical order that are currently known to us that can or do conflict with the Wordfence plugin. This is by no means a complete list as there may be conflicts we are not aware of, and known conflicts may potentially be fixed in the future. Therefore this list may change in the future.

Known plugin conflicts

Plugin: Advanced Google reCAPTCHA

https://wordpress.org/plugins/advanced-google-recaptcha/

Description: Causes our two-factor authentication feature to malfunction so that any six digit two-factor authentication code entered allows access, even if the code is incorrect.

Plugin: CAPTCHA 4WP

https://wordpress.org/plugins/advanced-nocaptcha-recaptcha/

Description: Causes our two-factor authentication feature to malfunction.

Plugin: Case Insensitive URL’s

https://en-gb.wordpress.org/plugins/case-insensitive-urls/

Description: Causes Wordfence admin pages to malfunction.

Plugin: Change WP Admin Login

https://wordpress.org/plugins/change-wp-admin-login/

Description: Causes Wordfence scans to fail.

Plugin: Comet Cache

https://wordpress.org/plugins/comet-cache/

Description: It was reported to us that this plugin’s “pre-cache” feature can trigger Wordfence bot “Rate Limiting” rules and block the creation of cache files.

Fix: Adjust Wordfence bot “Rate Limiting” rules. You could also add your server IP address to the Wordfence IP address allowlist. Adding your server IP address to the Wordfence IP address allowlist on a shared server is not recommended as it allows other sites on that server to potentially attack your site and bypass all Wordfence protection.

Note: This can potentially apply to other caching plugins that have a feature that rebuilds cache files automatically.

Plugin: ELEX WooCommerce Dynamic Pricing and Discounts

https://wordpress.org/plugins/elex-woocommerce-dynamic-pricing-and-discounts/

Description: Loads JavaScript on our plugin’s admin pages which causes a conflict with our plugin’s JavaScript and prevents our plugin’s admin pages from being displayed correctly.

Plugin: Firebase Authentication

https://wordpress.org/plugins/firebase-authentication/

Description: Our two-factor authentication and CAPTCHA features causes the Firebase based login to malfunction.

Fix: Deactivate our two-factor authentication for all users and disable our CAPTCHA feature.

Plugin: hCaptcha

https://wordpress.org/plugins/hcaptcha-for-forms-and-more/

Description: Our two-factor authentication and CAPTCHA features cause the hCaptcha plugin to malfunction.

Fix: Deactivate our two-factor authentication for all users and disable our CAPTCHA feature.

Alternatively you can use our two-factor authentication and CAPTCHA features but you will need to disable these options in hCaptcha as they can’t be used:

Enable hCaptcha on Login Form
Enable hCaptcha on Register Form
Enable hCaptcha on Lost Password Form

If you also use WooCommerce then you will need to disable these options in hCaptcha as they can’t be used:

Enable hCaptcha on WooCommerce Login Form
Enable hCaptcha on WooCommerce Registration Form
Enable hCaptcha on WooCommerce Lost Password Form

Plugin: Password Protected

https://wordpress.org/plugins/password-protected/

Description: Prevents the Wordfence Central tool in your wordfence.com account from being able to communicate with the Wordfence plugin on your site.

Fix: You have two ways to fix this in the Password Protected plugin. Enable the option “Allow REST API Access” or add the Wordfence Central IP addresses below to the option “Allow IP Addresses”:

54.68.32.247
44.235.211.232
54.71.203.174

Plugin: PilotPress

https://en-gb.wordpress.org/plugins/pilotpress/

Description: Causes Wordfence scans to malfunction.

Fix: Disable the PilotPress option “Lock all users without Admin role out of profile editor”.

Plugin: Product Feed PRO for WooCommerce

https://wordpress.org/plugins/woo-product-feed-pro/

Description: Can cause the Wordfence Live Traffic page to malfunction.

Fix: Update to at least version 4.6.6

Plugin: Query Monitor

https://wordpress.org/plugins/query-monitor/

Description: When this plugin is active it can cause a Fatal PHP memory exhaustion error when a Wordfence scan is running.

Fix: Deactivate the Query Monitor plugin when you are not using it.

Plugin: Solid Security – Password, Two Factor Authentication, and Brute Force Protection

https://wordpress.org/plugins/better-wp-security/

Description: There is a compatibility issue with this plugin where using our CAPTCHA or two-factor authentication features can cause the hidden login URL set by this plugin to be exposed. The hidden login URL setting is found under “Settings” > “Advanced” > “Hide Backend” > “URLs”. At the bottom of our documentation page for our brute force login attack prevention options, we have a video explaining why we don’t recommend trying to hide the login page.

Plugin: Stop Spammers | Block Spam Users, Comments, and Emails

https://en-gb.wordpress.org/plugins/stop-spammer-registrations-plugin/

Description: This plugin’s default settings causes our two-factor authentication feature to malfunction.

Fix: Disable the Stop Spammers option “Check Credentials on All Login Attempts”.

Plugin: Theme My Login

https://en-gb.wordpress.org/plugins/theme-my-login/

Description: When our CAPTCHA feature is enabled users can’t log in and the default WordPress login error, or our “Don’t let WordPress reveal valid users in login errors” option error, is not displayed.

If at least one user has our two-factor authentication enabled then the default WordPress login error, or our “Don’t let WordPress reveal valid users in login errors” option error, is not displayed.

If at least one user has our two-factor authentication enabled and another user that does not have our two-factor authentication enabled tries to log in then they will not be able to log in.

If a user has our two-factor authentication enabled they can log in with their username and password to generate the two-factor authentication code submission form, but they will not be able to log in when entering the two-factor authentication code.

Plugin: Two-Factor

https://wordpress.org/plugins/two-factor/

Description: Prevents successful logins from being recorded and shown in the “Login Attempts” widget on the “Firewall” page.

Plugin: Two Factor Authentication

https://en-gb.wordpress.org/plugins/two-factor-authentication/

Description: When our CAPTCHA is enabled then when you login with this plugin our error “ERROR: The username or password you entered is incorrect” is incorrectly displayed. However, the two-factor authentication code still works and allows a successful login.

Fix: Disable our CAPTCHA feature.

Plugin: User Meta – User Profile Builder and User management plugin

https://wordpress.org/plugins/user-meta/

Description: Causes our two-factor authentication feature to malfunction.

Plugin: UsersWP – User Profile & Registration

https://wordpress.org/plugins/userswp/

Description: Our two-factor authentication and CAPTCHA features cause this plugin’s custom login modal to malfunction.

Fix: Deactivate our two-factor authentication for all users and disable our CAPTCHA feature.

Plugin: WPS Hide login

https://en-gb.wordpress.org/plugins/wps-hide-login/

Description: There is a compatibility issue with this plugin where using our CAPTCHA or two-factor authentication features can cause the hidden login URL set by this plugin to be exposed. At the bottom of our documentation page for our brute force login attack prevention options, we have a video explaining why we don’t recommend trying to hide the login page.

Known theme conflicts

Theme: Divi

https://www.elegantthemes.com/gallery/divi/

Description: Our two-factor authentication feature doesn’t work with the Divi Login Module feature but there is a workaround described below.

Fix: Your users can still log in if they add their two-factor authentication code after their password when logging in as described here. The Divi Login Module feature allows you to add custom text so that you can provide your users with instructions for how to log in.