Find out your PHP version, database permissions, connectivity test results, and much more in Wordfence Diagnostics.
The “Tools” > “Diagnostics” page contains a large number of checks related to your Wordfence installation. If you have spoken to Wordfence Support, they may ask you to have a look at this page or specific parts of it. You can click the “Send report by email” button and email yourself or a support representative a full diagnostics report. You can also click the “Export” button to export the diagnostic data as a plain text file.
Please note: Failing tests or error messages are not always a sign of something that you need to fix, but they can help the Wordfence team when troubleshooting a problem.
Notes on selected tests
Checking if web server can read from ~/wp-content/wflogs
Reading files in this location is normally required, unless the site is using Wordfence’s “mysqli storage engine”. This is the default on some hosts like WP Engine. If you see messages about files that do not exist here, it is ok as long as they are not marked with a red X. In this case, your site would not require these files, but it is sometimes useful for the Wordfence support team to know if they exist or not. This also applies to “Checking if web server can write to ~/wp-content/wflogs”.
Some hosts prevent your site from seeing which user PHP is running as. If this test says “Unavailable”, it is usually fine, even if marked with a red X. The Wordfence plugin does not need to know the process owner, but knowing the process owner sometimes can help the support team troubleshoot specific issues.
Connecting back to this site via IPv6
IPv6 is not required by Wordfence, but if a site has IPv4 and IPv6 addresses, some connections for WordPress cron jobs and the Wordfence scan may be made by IPv6 without being explicitly requested. If this affects Wordfence scans, you can enable the option “Use only IPv4 to start scans” on the Scan Options page.
If you use Cloudflare, note that Cloudflare assigns an IPv6 address to your site by default. Some hosts may not be able to make outbound IPv6 connections, which can cause intermittent connection failures when your site needs to connect back to itself. If this case applies to you, please enable the option “Use only IPv4 to start scans”.
Click to view your system’s configuration in a new window
This link will show you the output of the “phpinfo” PHP function. If this page is blank, it likely means your web host has disabled the use of the “phpinfo” PHP function. You will then need to contact your web host to find out how PHP is configured on your site.
Test your WordPress host’s available memory
This test will create a data structure that uses memory up to the limit set in the option “How much memory should Wordfence request when scanning” on the “Scan” > “Scan Options and Scheduling” page. The test will show if your web server allows you to allocate at least that much memory. If this test fails then you should contact your hosting provider and ask them to allocate more memory to your hosting account. Wordfence generally uses a small amount of memory during regular visits, but it requires more during scans, especially if your site has a lot of files, content, users, or other data.
This test may not work on all hosts, especially if they limit memory in a different way, aside from the PHP “memory_limit” function. Additionally, if the test shows your home page rather than the test results, this could be a sign of other limitations on the server or a conflict with a theme or another plugin.
Send a test email from this WordPress server to an email address
This is a way to test if email from your WordPress site is working. Enter your own email address and hit the send button. If you do not receive an email (remember to check your spam folder) then log a support ticket with your hosting provider to investigate why your WordPress site is unable to successfully send a test email.
Send a test activity report email
This sends an email containing a summary of the recent activity on your site, for testing purposes.
Clear all Wordfence Central connection data
If you are unable to disconnect a site from Wordfence Central, or you are attempting to reconnect a site that was previously connected, you can click the “Clear Connection Data” button. After that, connecting to Wordfence Central from the “Wordfence Central Status” widget on the Wordfence plugin “Dashboard” page should be possible again.
Enable debugging mode
This will enable verbose logging in Wordfence. A lot more will be written to the scan activity log which you can see on the “Scan” page.
More of the additional activity written to the log can be seen when you perform a scan. However, during many other operations, we do additional logging if this option is enabled.
Note that when this option is enabled, a significant amount of additional data is written to the database, so it increases your site’s database, network, and CPU load significantly. We recommend you only enable this option for short periods of time (an hour at a time) while you are trying to solve a specific problem with Wordfence.
Start all scans remotely
Wordfence usually starts scans by having the server connect to itself with a request to launch a scan. Some servers are unable to connect to themselves correctly so we have created a mechanism that causes your Wordfence installation to connect to our servers which then connect back to your server to start the scan.
Note that this uses a secure token that prevents any user on the public internet from starting a scan. Enable this option if your scans don’t start correctly.
Enable SSL Verification
SSL verification should normally be enabled, but it can be disabled if you are consistently unable to connect to the Wordfence servers. You can see the status of your connection to Wordfence servers on the “Diagnostics” page in the “Connectivity” section.
Disable reading of php://input
The firewall uses the “raw” body of requests by reading “php://input”. Older versions of PHP only allow reading this data once, and if another plugin needs it but does not fall back to using $HTTP_RAW_POST_DATA, it cannot load the data. This option disables reading of “php://input”, and has essentially the same function as the constant “WFWAF_DISABLE_RAW_BODY”, but it can allow the body to be captured in a different way in some cases.
Some versions of PHP using LSAPI, the LiteSpeed server API (including CloudLinux), had a bug that caused some requests to make large temporary files when “php://input” was read. This should be fixed in the middle of 2018, but we have not heard of a definite date yet. If your hosting provider does not apply updates for PHP, Apache, or CloudLinux, you may still have this issue later in 2018, though it is a relatively rare issue.
Generally, this option should be unchecked, unless you are having the specific problems above, since a few firewall rules depend on reading the raw body, to be effective.
Enable beta threat defense feed
If you enable this option you will be participating in the group of users who get the beta version of our Threat Defense Feed. This is not recommended for production sites, since beta signatures are not yet fully tested and can cause slow scans, scan failures, or false positives. This option has no effect unless a Premium license key is installed.
Enable Wordfence translations
This option is on by default. If you have a site that is not in USA English, Wordfence is beginning to support translation to other languages. If you have any problems with a translation or have a multilingual site and want to keep Wordfence in English, you can disable this option.