The “Tools” > “Diagnostics” page contains a large number of checks related to your Wordfence installation. If you have spoken to Wordfence Support, they may ask you to have a look at this page or specific parts of it. You can click the “Send report by email” button and email yourself or a support representative a full diagnostics report. You can also click the “Export” button to export the diagnostic data as a plain text file.

Please note: Failing tests or error messages are not always a sign of something that you need to fix, but they can help the Wordfence team when troubleshooting a problem.

Notes on selected tests

Checking if web server can read from ~/wp-content/wflogs

Reading files in this location is normally required, unless the site is using Wordfence’s “mysqli storage engine”. This is the default on some hosts like WP Engine. If you see messages about files that do not exist here, it is ok as long as they are not marked with a red X. In this case, your site would not require these files, but it is sometimes useful for the Wordfence support team to know if they exist or not. This also applies to “Checking if web server can write to ~/wp-content/wflogs”.

Process Owner

Some hosts prevent your site from seeing which user PHP is running as. If this test says “Unavailable”, it is usually fine, even if marked with a red X. The Wordfence plugin does not need to know the process owner, but knowing the process owner sometimes can help the support team troubleshoot specific issues.

Connecting back to this site via IPv6

IPv6 is not required by Wordfence, but if a site has IPv4 and IPv6 addresses, some connections for WordPress cron jobs and the Wordfence scan may be made by IPv6 without being explicitly requested. If this affects Wordfence scans, you can enable the option “Use only IPv4 to start scans” on the Scan Options page.

If you use Cloudflare, note that Cloudflare assigns an IPv6 address to your site by default. Some hosts may not be able to make outbound IPv6 connections, which can cause intermittent connection failures when your site needs to connect back to itself. If this case applies to you, please enable the option “Use only IPv4 to start scans”.

If you see the message “IPv6 DNS resolution failed”, it usually means that your site does not have an IPv6 address. This is generally fine to ignore, but can be helpful to the Wordfence support team when troubleshooting.

Other Tests

Click to view your system’s configuration in a new window

This link will show you the output of the “phpinfo” PHP function. If this page is blank, it likely means your web host has disabled the use of the “phpinfo” PHP function. You will then need to contact your web host to find out how PHP is configured on your site.

Test your WordPress host’s available memory

This test will create a data structure that uses memory up to the limit set in the option “How much memory should Wordfence request when scanning” on the “Scan” > “Scan Options and Scheduling” page. The test will show if your web server allows you to allocate at least that much memory. If this test fails then you should contact your hosting provider and ask them to allocate more memory to your hosting account. Wordfence generally uses a small amount of memory during regular visits, but it requires more during scans, especially if your site has a lot of files, content, users, or other data.

This test may not work on all hosts, especially if they limit memory in a different way, aside from the PHP “memory_limit” function. Additionally, if the test shows your home page rather than the test results, this could be a sign of other limitations on the server or a conflict with a theme or another plugin.

Send a test email from this WordPress server to an email address

This is a way to test if email from your WordPress site is working. Enter your own email address and hit the send button. If you do not receive an email (remember to check your spam folder) then log a support ticket with your hosting provider to investigate why your WordPress site is unable to successfully send a test email.

Send a test activity report email

This sends an email containing a summary of the recent activity on your site, for testing purposes.

Clear all Wordfence Central connection data

If you are unable to disconnect a site from Wordfence Central, or you are attempting to reconnect a site that was previously connected, you can click the “Clear Local Connection Data” button. After that, connecting to Wordfence Central from the “Wordfence Central Status” widget on the Wordfence plugin “Dashboard” page should be possible again.

If you notice a warning message mentioning “Your site is currently linked to Wordfence Central under a different site URL.” and your site is a single site with multiple domains or subdomains, and you have not cloned it while it was connected to Wordfence Central such as to create a staging environment, you can dismiss this message.

If you have cloned a site that was connected to Wordfence Central, such as to create a staging environment, this may cause conflicts. It is recommended to click the “Clear Local Connection Data” button on the cloned site. After that, connecting to Wordfence Central from the “Wordfence Central Status” widget on the Wordfence plugin “Dashboard” page should be possible again. Alternatively, if you wish to disconnect both the original and cloned site from Wordfence Central, click the “Clear All Connection Data” button.

Debugging Options

Enable debugging mode

This will enable verbose logging in Wordfence. A lot more will be written to the scan activity log which you can see on the “Scan” page.

More of the additional activity written to the log can be seen when you perform a scan. However, during many other operations, we do additional logging if this option is enabled.

Note that when this option is enabled, a significant amount of additional data is written to the database, so it increases your site’s database, network, and CPU load significantly. We recommend you only enable this option for short periods of time (an hour at a time) while you are trying to solve a specific problem with Wordfence.

Start all scans remotely

Wordfence usually starts scans by having the server connect to itself with a request to launch a scan. Some servers are unable to connect to themselves correctly so we have created a mechanism that causes your Wordfence installation to connect to our servers which then connect back to your server to start the scan.

Note that this uses a secure token that prevents any user on the public internet from starting a scan. Enable this option if your scans don’t start correctly.

Enable SSL Verification

SSL verification should normally be enabled, but it can be disabled if you are consistently unable to connect to the Wordfence servers. You can see the status of your connection to Wordfence servers on the “Diagnostics” page in the “Connectivity” section.

Disable reading of php://input

The firewall uses the “raw” body of requests by reading “php://input”. Older versions of PHP only allow reading this data once, and if another plugin needs it but does not fall back to using $HTTP_RAW_POST_DATA, it cannot load the data. This option disables reading of “php://input”, and has essentially the same function as the constant “WFWAF_DISABLE_RAW_BODY”, but it can allow the body to be captured in a different way in some cases.

Some versions of PHP using LSAPI, the LiteSpeed server API (including CloudLinux), had a bug that caused some requests to make large temporary files when “php://input” was read. This should be fixed in the middle of 2018, but we have not heard of a definite date yet. If your hosting provider does not apply updates for PHP, Apache, or CloudLinux, you may still have this issue later in 2018, though it is a relatively rare issue.

Generally, this option should be unchecked, unless you are having the specific problems above, since a few firewall rules depend on reading the raw body, to be effective.

Enable Wordfence translations

This option is on by default. If you have a site that is not in USA English, Wordfence is beginning to support translation to other languages. If you have any problems with a translation or have a multilingual site and want to keep Wordfence in English, you can disable this option.