Cloudflare blocking Wordfence

If you have Cloudflare protecting your website, you might need to update your Cloudflare settings to allow Wordfence Central to establish a connection. Follow these steps in your Cloudflare control panel:

1. Login to Cloudflare
2. Select your domain from the list of sites
3. Select the “Security” menu on the left side
4. Select “WAF” on the Security menu
5. On the “Custom rules” tab, click the “Create rule” button
6. Under “Rule Name”, name the rule “Wordfence servers”
7. Under “If incoming requests match…”, set the “Field”, “Operator”, and “Value” fields to “IP Source Address”, “equals”, and “54.68.32.247”
8. Click the “Or” button to the right of the IP address
9. In the new “Field”, “Operator”, and “Value” fields, choose “IP Source Address”, “equals”, and “44.235.211.232”
10. Click the “Or” button to the right of the IP address
11. In the new “Field”, “Operator”, and “Value” fields, choose “IP Source Address”, “equals”, and “54.71.203.174”
12. At the bottom, under “Then… Choose action” select “Skip”
13. Enable “Log matching requests”
14. Under “WAF components to skip”, select all
15. Under “More components to skip”, select all
16. Click the “Deploy” button.

If your Cloudflare account still has access to “Firewall Rules”, use these steps:

1. Login to Cloudflare
2. Select your domain from the list of sites
3. Select the “Security” menu on the left side
4. Select “WAF” on the Security menu
5. On the “Firewall rules” tab, click the “Create firewall rule” button
6. Under “Rule Name”, name the rule “Wordfence servers”
7. Under “When incoming requests match…”, set the “Field”, “Operator”, and “Value” fields to “IP Source Address”, “equals”, and “54.68.32.247”
8. Click the “Or” button to the right of the IP address
9. In the new “Field”, “Operator”, and “Value” fields, choose “IP Source Address”, “equals”, and “44.235.211.232”
10. Click the “Or” button to the right of the IP address
11. In the new “Field”, “Operator”, and “Value” fields, choose “IP Source Address”, “equals”, and “54.71.203.174”
12. At the bottom, under “Then… Choose an action” change “Block” to “Allow”
13. Click the “Deploy firewall rule” button.

You may also need to add Wordfence Central’s IP addresses to the “IP Access Rules” in your Cloudflare control panel:

1. Login to Cloudflare
2. Select the “Security” menu on the left side
3. Select “WAF” on the Security menu
4. Click the “Tools” tab
5. Scroll to the “IP Access Rules” section
6. In the field that says “Enter an IP, IP range, country name, or ASN”, enter “54.68.32.247”
7. Change the “Block” option to “Allow”
8. Change the “This website” option to “All websites in account” if you have more than one site
9. In the “Add a note” field, type “Wordfence Central” so you remember why the IP was allowed
10. Click the “Add” button
11. Repeat steps 5-9 for the IP addresses 44.235.211.232 and 54.71.203.174

Incapsula connection issues

1. Login to Incapsula
2. Go to “Settings” > “Security” > “Whitelist Specific Sources”
3. In the “Whitelist IPs” box, enter 54.68.32.247
4. Click “Add”
5. Click “Save”
6. Repeat steps 3-5 for the IP addresses 44.235.211.232 and 54.71.203.174