Title: Basic Auth vs. WordFence Last modified: September 30, 2022 --- # Basic Auth vs. WordFence * Resolved [vaniivan](https://wordpress.org/support/users/vaniivan/) * (@vaniivan) * [3 years, 8 months ago](https://wordpress.org/support/topic/basic-auth-vs-wordfence/) * I’m using cron curl to call a URL which is using basic auth to impersonate a service admin user which then picks posts and products from WP_REST_Request:: from_url. The tricky part is that this call requires user permission, and I provide that using basic auth in the curl request. Upon enabling WordFence I lost the basic auth login, provided by JSON Basic Authentication plugin, is there a way for these two to coexist? - This topic was modified 3 years, 8 months ago by [vaniivan](https://wordpress.org/support/users/vaniivan/). Viewing 3 replies - 1 through 3 (of 3 total) * Plugin Support [wfpeter](https://wordpress.org/support/users/wfpeter/) * (@wfpeter) * [3 years, 8 months ago](https://wordpress.org/support/topic/basic-auth-vs-wordfence/#post-16064125) * Hi [@vaniivan](https://wordpress.org/support/users/vaniivan/), * Are you seeing blocks reported in **Live Traffic** when this plugin attempts to auth? Usually, expanding these entries by clicking them will either let you add the requests to Wordfence’s allowlist via a button, or at least explain _why_ they’re being blocked – usually a firewall rule or a custom [Brute Force](https://www.wordfence.com/help/firewall/brute-force/)/ [Rate Limiting](https://www.wordfence.com/help/firewall/rate-limiting/) setting. * If you’re unable to find a way around it, also try again while [Learning Mode](https://www.wordfence.com/help/firewall/learning-mode/) is enabled. * From the Wordfence Dashboard click on Manage WAF. Then you will see **Basic Firewall Options > Web Application Firewall Status**. Change the option to **Learning Mode**. Now perform the actions that were causing issues. This will help Wordfence learn that these actions are normal and it will allow them in the future. After you have finished performing the actions, switch the WAF from Learning Mode back to **Enabled and Protecting**. Now test to see if these actions work correctly. * Let me know how that goes, * Peter. * Thread Starter [vaniivan](https://wordpress.org/support/users/vaniivan/) * (@vaniivan) * [3 years, 8 months ago](https://wordpress.org/support/topic/basic-auth-vs-wordfence/#post-16071642) * Hi, thanks for the tips. WordFence in this case reports “attempted a failed login as “username””, even though that same login data (sent as Basic auth header in both cases) is working immediately after disabling WordFence plugin. - This reply was modified 3 years, 8 months ago by [vaniivan](https://wordpress.org/support/users/vaniivan/). - This reply was modified 3 years, 8 months ago by [vaniivan](https://wordpress.org/support/users/vaniivan/). * Thread Starter [vaniivan](https://wordpress.org/support/users/vaniivan/) * (@vaniivan) * [3 years, 8 months ago](https://wordpress.org/support/topic/basic-auth-vs-wordfence/#post-16072362) * It stems from Recaptcha login protection. When I set the Recaptcha to test mode, the basic auth starts working. Viewing 3 replies - 1 through 3 (of 3 total) The topic ‘Basic Auth vs. WordFence’ is closed to new replies. * ![](https://ps.w.org/wordfence/assets/icon.svg?rev=2070865) * [Wordfence Security - Firewall, Malware Scan, and Login Security](https://wordpress.org/plugins/wordfence/) * [Frequently Asked Questions](https://wordpress.org/plugins/wordfence/#faq) * [Support Threads](https://wordpress.org/support/plugin/wordfence/) * [Active Topics](https://wordpress.org/support/plugin/wordfence/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/wordfence/unresolved/) * [Reviews](https://wordpress.org/support/plugin/wordfence/reviews/) * 3 replies * 2 participants * Last reply from: [vaniivan](https://wordpress.org/support/users/vaniivan/) * Last activity: [3 years, 8 months ago](https://wordpress.org/support/topic/basic-auth-vs-wordfence/#post-16072362) * Status: resolved