wfpeter

Hi @delemo, thanks for letting us know you’ve resolved this yourself.

I can’t think of a reason why they would have clashed unless there was a false-positive block on something Admin Columns was trying to change. You’d likely be able to see this in your Live Traffic logs to allowlist it for future changes to your site’s users.

Wordfence doesn’t directly modify WordPress’ default users table when Login Security features like 2FA/reCAPTCHA are enabled, but there are some wfls_ prefixed tables that load data on the All Users screen to show 2FA status etc. Whether there’s a conflict with that may depend on how the other plugin adds users to the site.

Let us know if you find out any more,
Peter.

We’re seeing additional feedback from our customers that the object caching feature in LiteSpeed Cache is the cause of the “CAPTCHA EXPIRED” message. Renaming /wp-content/object-cache.php to object-cache.php.off temporarily seems to confirm it.

We think this was introduced in version 7.8.0, and 7.8.0.1 fixed an issue for failed connections, but likely didn’t fix this.

If you want to report the issue on their support forum, it may help get a resolution more quickly. Looking ourselves, it appears that there are other issues with transients in the object cache being reported. The fix for those forum posts will probably fix the problem with our plugin too.

Thanks,
Peter.

Hi @ez123abc,

I don’t think it’s the same issue. It sounds more like a false-positive block in the background is preventing pages with Divi elements from loading properly.

Wordfence will show the blocks it made on the Live Traffic page. Check it immediately after running into the blank page issue. You may be able to manually allowlist it from there using the “ADD PARAM TO FIREWALL ALLOWLIST” button. Alternatively, enable Learning Mode temporarily and try loading the page(s) with problems again. You can read more by clicking that link, but make sure to return the firewall to “Enabled and Protecting” afterwards.

If that doesn’t work, please open a new topic referencing your post here as dealing with multiple issues in the same topic can be hard to follow for the original poster’s problem.

Many thanks,
Peter.

Hi @vygon, thanks for your detailed message.

We’re currently investigating a possible link between reCAPTCHA and LiteSpeed Cache that wasn’t present until recently and only affects a handful of customers. Are you using LiteSpeed Cache at all?

If so, a good test is to disable it and see if the “CAPTCHA EXPIRED” message stops. Some customers reported success disabling object-cache.php in /wp-content/ too if you need a secondary test. You can rename it temporarily to object-cache.php.off via FTP or your host’s file manager and remove .off when you’re done testing.

Let us know how you get on,
Peter.

Hi @eurisko,

Unfortunately that code would be ineffective. The Wordfence scan that requires noabort to prevent timeouts is scanning all of your files site-wide for threats and not just the wordfence-waf.php, which is related to the firewall portion of the plugin. It might be more effective to test the following:

<IfModule LiteSpeed>
  <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteRule ^wp-admin/admin-ajax\.php$ - [E=noabort:1,E=noconntimeout:1]
    RewriteRule ^wp-cron\.php$ - [E=noabort:1,E=noconntimeout:1]
  </IfModule>
</IfModule>

Those files will be used frequently during the scan, although I can’t guarantee it’ll solve the problem due to the unknown reason for lsphp needing to be killed manually.

You can also exclude paths from the Wordfence scan in Wordfence > All Options > Advanced Scan Options > Exclude files from scan that match these wildcard patterns. If there are any particularly large folders created by caching plugins, or containing content such as images that can’t be altered by regular site users, you could add those to try cutting the scan time.

If the above rewrite code makes no difference. It could help us to send a diagnostic report to wftest @ wordfence . com from the top of the Wordfence Tools > Diagnostics page. Click on “Send Report by Email”. Any configuration errors or server-specifics that we’re not aware of might help.

Please add your forum username where indicated and respond here after you have sent it as the inbox is not monitored.

Many thanks,
Peter.

Hi @eurisko,

May I ask which processes seem to be causing the server to fail? We’re happy to see error log entries or other diagnostics you’ve used to find them. Feel free to partially censor any paths that identify your website or server.

I’ve not seen an issue like this with using the noabort code before, so it might be helpful to us in deciding whether something can be done on the server to prevent the hanging processes. I appreciate manually altering files on a regular basis isn’t ideal.

Many thanks,
Peter.

Hi @phpnukes, thanks for getting in touch.

It’s getting harder to determine the difference between humans/bots now, but Wordfence still tries based on the IP’s activity on your site before a request is made. It’s unlikely to be 100% accurate but the plugin will still block malicious requests based on intent, regardless of its detection as a human or bot.

It shouldn’t be necessary to take manual blocking action unless Wordfence isn’t blocking an IP/range impacting the performance of your site. You can do this directly from the Live Traffic page.

Thanks,
Peter.