Wordfence scan stage Failed

Website, Application, Performance Security Center
1

Hi Team, Can u please help me with that

I faced the below error

“A scan stage has failed to start. This is often because the site either cannot make outbound requests or is blocked from connecting to itself. Wordfence will make up to 2 attempts to resume each failed scan stage. This scan may recover if one of these attempts is successful.”

“Scan process ending after forking”

Make sure our servers are not blocked from reaching your site
Make sure you have not blocked Wordfence scanning server IP addresses listed below from accessing your site. If your site is unable to connect to itself to start a scan, we get our scanning servers to connect to your site to start the scan instead. If you have blocked our servers then your scans will not start. The latest version of Wordfence has code that prevents you from blocking individual IP addresses that we use, but you can still block network ranges that our IP addresses reside in, so make sure you have not done that.

Also, you can check with your hosting provider and ask them if they are blocking outbound connections to our IP addresses listed below.

{Redacted Do not share IPs}

I followed the steps provide by wordfence i.e whitelisted IPs in WAF still it’s blocking so I need to confirm that those added IPs are whitelisted correctly do we have another approach?

2

Hi,

You can try this: visit Firewall Events within the Dashboard at https://dash.cloudflare.com/?to=/:account/:zone/firewall, pick your zone and search for events that have Wordfence’s IP address(es). This will let you identify what Cloudflare security product, if any, is blocking Wordfence.

1 Like
3

If you have not added your server’s own address to your Cloudflare allow list, look for any occurrence of this in the log.

4

Hi Team,

Thank you for your response.

In the DNS section, For A record proxied has been set we removed proxied and set to DNS only and it is working fine.

but this is not recommended way.

So we set proxied and Even though we dig the domain name and added those IP in the firewall still did not work.

5

Have you tried checking your Firewall Events as suggested? Can you post a screenshot of a firewall event related to Wordfence or to your origin IP address?

6

Hi I have checked in events but it does not show anything related to wordfence IP

7

That means Cloudflare is not blocking Wordfence.

Please contact Wordfence or WordPress support for help on pinpointing what’s stopping your plugin from working.

8

But when I Removed Proxied from the DNS setting in Cloudflare it is working fine… It is not working when DNS records are proxied

9

Then you’re likely facing a Cloudflare 5XX error when you run the Wordfence scan. Perform the scan with Developer Tools open (F12 on most browsers) and see if any 5XX error occurs.

Then check for tips on how to fix it:

10

MicrosoftTeams-image (2)
MicrosoftTeams-image (2)908×117 9.1 KB

11

We haven’t seen any 5xx error in the developers’ tool…

We recognized that When we have a proxied it is giving 2 different IPs and we added those IPs also but still it is not working when we removed the proxied it is working fine…

12

Don’t do that. That doesn’t accomplish anything.

The suggestion I made was to add the IP of your origin server where WordPress is installed to the allow list of your Cloudflare firewall rules. That is to tell Cloudflare to permit connections from your server to itself through the Cloudflare proxy.

1 Like
13

Where are you adding proxy IPs and why are you doing that?

14

We already added our origin server IP in Cloudflare Firewall rules, but still not working.