Introduction

Wordfence is a security plugin for WordPress that helps you prevent attacks against your WordPress installation and may interfere with Cloudpress. This document will show you how to configure Wordfence to allow Cloudpress to work correctly.

Wordfence configuration settings

The configuration settings listed below can be accessed by selecting the All Options menu from the Wordfence navigation.

After updating the Wordfence settings below, ensure that you save your changes.

1. Add Cloudpress IP addresses to your Wordfence allowlist

Scroll down to the Wordfence Firewall Options and open the Advanced Firewall Options section. Add the Cloudpress IP addresses to the Allowlisted IP addresses that bypass all rules textbox.

These are the Cloudpress IP addresses you must add:

20.81.49.255
20.81.50.28
20.81.50.29
20.81.50.44
20.81.50.45
20.81.50.58
20.81.50.59
20.81.50.70
20.81.50.86
20.81.50.87
20.81.50.123
20.81.49.108
20.81.49.109
20.81.49.110
20.81.49.111
20.81.49.224
20.81.49.225
20.81.49.226
20.120.120.8
20.120.124.75
20.120.124.131
20.120.124.147
20.120.122.192
20.120.124.164
20.49.104.55

2. Enable application passwords

By default, Wordfence may disable WordPress application passwords - which Cloudpress uses to communicate with your WordPress server. Scroll down to the Brute Force Protection section. Under the Additional Options heading, uncheck the Disable WordPress application passwords checkbox.

3. Allow username discovery

Cloudpress allows you to update additional fields, such as the post author. This feature queries your WordPress server for the usernames. To ensure this feature works correctly, scroll down to the Brute Force Protection section. Under the Additional Options heading, uncheck the Prevent discovery of usernames through ’/?author=N’ scans, the oEmbed API, the WordPress REST API, and WordPress XML Sitemaps checkbox.