[Guide] How to unlock unlimited premium Wordfence Security license on any version

[Knight_Killer]

1. Download the official Wordfence security plugin from: https://en-ca.wordpress.org/plugins/wordfence/
2. Upload the plugin to your wordpress but don't activate it
3. Next, in your wordpress main dashboard head to Plugins -> Plugin Editor
4. In the "Select plugin to edit" bar choose Wordfence Security and press Select
5. Under the "lib file section" select the wordfenceClass.php file
6. Press ctrl+f and paste this:

if (!WFWAF_SUBDIRECTORY_INSTALL && $waf = wfWAF::getInstance()) {

You should see:

$updateCountries = false;
if (!WFWAF_SUBDIRECTORY_INSTALL && $waf = wfWAF::getInstance()) {
$homeurl = wfUtils::wpHomeURL();
$siteurl = wfUtils::wpSiteURL();


Now right under it paste this in:

wfConfig::set('isPaid', 1);
wfConfig::set('keyType', wfAPI::KEY_TYPE_PAID_CURRENT);
wfConfig::set('premiumNextRenew', time()+31536000);

So the code should look like this:

$updateCountries = false;
if (!WFWAF_SUBDIRECTORY_INSTALL && $waf = wfWAF::getInstance()) {
$homeurl = wfUtils::wpHomeURL();
$siteurl = wfUtils::wpSiteURL();

wfConfig::set('isPaid', 1);
wfConfig::set('keyType', wfAPI::KEY_TYPE_PAID_CURRENT);
wfConfig::set('premiumNextRenew', time()+31536000);

7. Save the file, then activate WordFence plugin, you should have unlimited premium license! It says "renew in 365 days" but you will notice that this number doesn't go down

If you can't find the code, you can export the file, edit using notepad++ and then reupload or do something similar. You can also use FTP application to do this method.

Like for more "exploits" like this!

Worked like Charm .. Thanks Buddy!

 

[bsb85my]

Awesome! Thanks for sharing such "hack"

 

[muneebqadeer243]

This is a wonderful share..thanks

 

[birdarabic]

I started getting this in the scan, will the plugin work fine even after knowing it got nulled?

 

[whitetigerdk]

Seems like they have patched this "hack".. ?

 

[lxsaif]

Do I have to edit the wordfenceClass.php file each time after the new update?

 

[whitetigerdk]

Do I have to edit the wordfenceClass.php file each time after the new update?

Yes.. you have to.. On update the file is replaced by a new file that does not contain this hack.. thus hack needs to be "re-installed"

 

[eliteshades]

Do I have to edit the wordfenceClass.php file each time after the new update?

Dont know if anyone has a way to automate this process unfortunately

 

[gwuluo]

Dont know if anyone has a way to automate this process unfortunately

Create a new file wp-content/mu-plugins/wordfence.php, put the content in it automatically, so you don't have to change the plugin every time

<?php
add_action('plugins_loaded', function(){
    if( !class_exists('wfConfig') ) return;
    wfConfig::set('isPaid', 1);
    wfConfig::set('keyType', wfAPI::KEY_TYPE_PAID_CURRENT);
    wfConfig::set('premiumNextRenew', time()+31536000);   
}, 99);

 

[zen123]

Create a new file wp-content/mu-plugins/wordfence.php, put the content in it automatically, so you don't have to change the plugin every time

<?php
add_action('plugins_loaded', function(){
    if( !class_exists('wfConfig') ) return;
    wfConfig::set('isPaid', 1);
    wfConfig::set('keyType', wfAPI::KEY_TYPE_PAID_CURRENT);
    wfConfig::set('premiumNextRenew', time()+31536000);  
}, 99);

Nice solution

 

[whitetigerdk]

Create a new file wp-content/mu-plugins/wordfence.php, put the content in it automatically, so you don't have to change the plugin every time

<?php
add_action('plugins_loaded', function(){
    if( !class_exists('wfConfig') ) return;
    wfConfig::set('isPaid', 1);
    wfConfig::set('keyType', wfAPI::KEY_TYPE_PAID_CURRENT);
    wfConfig::set('premiumNextRenew', time()+31536000);
}, 99);

Is there any way to make wordfence NOT scan this file as it report it back as malicious (detecting it as nulled version). I haven't been able to locate a setting to have the scan ignoring a specific folder.. any advice?

-
Found.. now it reports no error even though it's nulled.

 

[kapitanpirata]

Create a new file wp-content/mu-plugins/wordfence.php, put the content in it automatically, so you don't have to change the plugin every time

<?php
add_action('plugins_loaded', function(){
    if( !class_exists('wfConfig') ) return;
    wfConfig::set('isPaid', 1);
    wfConfig::set('keyType', wfAPI::KEY_TYPE_PAID_CURRENT);
    wfConfig::set('premiumNextRenew', time()+31536000);  
}, 99);

This still works on the latest version of wordfence Version 7.5.7

 

[wazzz]

This still works on the latest version of wordfence Version 7.5.7

Yes, it's still working. I just did this "hack" and it's working 100%. Thank you

 

[Happy Jack]

Doesnt work for version 7.5.8.

WordFence changed a few things in the new version(7.5.8). The current version of nulling doesn't work - well for me anyway. Find attached a license plugin to null WordFence.

 

[wazzz]

Doesnt work for version 7.5.8.

Yes, I just upgraded to Version 7.5.8 and the "hack" is not working anymore. It throws a fatal error instead.

 

[zen123]

Yes, I just upgraded to Version 7.5.8 and the "hack" is not working anymore. It throws a fatal error instead.

The hack is now gone. Now Wordfence has been fixed this loophole.

 

[whitetigerdk]

Problem solved in other thread:

https://babia.to/threads/wordfence-wordpress-security-plugin.2943/post-826393

Remember to give the dude som love...