Plugin Support
WFAdam
(@wfadam)
Hello @dok_h and thanks for reaching out to us!
It looks like Cloudflare might be redirecting the admin-ajax.php request.
If your site is protected by Cloudflare, you may need to update your Cloudflare settings to allow your site to connect back to itself. You should be able to do this by going to your Cloudflare control panel.
- Login to Cloudflare
- Go to “Firewall”
- Click the “Firewall Rules” tab
- Click “Create a Firewall rule”
- Name the rule under “Rule Name”
- Set the “Field” under “When incoming requests match…” to “IP Address”
- Enter your site’s IP address under “Value”
- At the bottom, under “Then…Choose an action” change “Block” to “Allow”
- Click “Deploy
Once you have added your site to the Cloudflare Whitelist, head back over to your site and attempt another scan.
Let me know if this helps and if you have any questions!
Thanks!
Hi @wfadam , thanks for the reply, unfortunately this did not solve the issue. Any other idea? I also tried “Start all scans remotely” option, but no luck. Connection to Wordfence server is OK, but connecting back to site still fails.
Plugin Support
WFAdam
(@wfadam)
Can you send me another diagnostic now that we have those settings in place?
If you could, could you also screenshot your Scan Performance Settings from your Wordfence > All Options > Scan Options > Performance page.
Thanks!
Hi,
here is connectivity diagnostics: https://codeshare.io/GLkrKp
I believe its the same.
Here is screenshot: https://postimg.cc/4nmJdhJY
Let me know if you need anything else.
Thanks
Plugin Support
WFAdam
(@wfadam)
What is strange is the response is a 307. If this was Wordfence related it would either be a 403(Firewall) or a 503(Rate-Limit or Brute Force Protection). It is definately something Cloudflare related, I would assume CF is limiting admin-ajax.php connectivity.
Can you send a diagnostic report to wftest @ wordfence . com? You can find the link to do so at the top of the Wordfence Tools > Diagnostics page. Then click on “Send Report by Email”. Please add your forum username where indicated and respond here after you have sent it.
Thanks!
Hi @wfadam
The report is sent. Let me know if it helps.
Thanks
Plugin Support
WFAdam
(@wfadam)
Thanks for sending that! I see a few issues on your site but lets start by correcting the current scan issue.
Head over to your site and go to Wordfence > All Options > General Wordfence Options > How does Wordfence get IPs. Since you’re using Cloudflare, select “Use the Cloudflare “CF-Connecting-IP” HTTP header to get a visitor IP. Only use if you’re using Cloudflare.”.
This will change how your site detects IP addresses, which will correct the issue you’re seeing. Currently, your site is seeing everyone as 1 person instead of unique visitors.
Let me know if this resolves your scan issue!
Thanks!
I tried that before (and now again). Unfortunately, it doesn’t solve the issue. As soon as I click on the Wordfence menu option “scan” I am getting “Scan Failed”, even before I click “Start New Scan” button (which cannot be clicked). By the way, this is not just this site, it’s all the sites. If you think of something else to try (on Wordfence or on Cloudflare), let me know. Sorry if this issue is becoming annoying 🙂
Thanks
Plugin Support
WFAdam
(@wfadam)
Now that you have the IP detection corrected, can you send me another diagnostic. I want to make sure that the connection is working properly. So we can rule the connection issue out.
Thanks!
It’s done (from Diagnostics page).
Plugin Support
WFAdam
(@wfadam)
I think it’s Cloudflare still. Its possible the IP that is whitelisted in Cloudflare is incorrect.
I see that cron jobs were overdue too, which means it’s not just Wordfence that can’t connect back, but trying to start cron is failing too.
Check and verify the correct IP was whitelisted in Cloudflare. If you want to verify the sites IP address, navigate to Wordfence > Tools > Diagnostic > Connectivity and you will see IP(s) used by this server. Make sure the first IP here is the IP that is whitelisted in Cloudflare.
Also, if you have Cloudflare’s “under attack” mode enabled too, you could try temporarily disabling that. It’s meant to block automated connections and could be related.
Thanks again!
