Anti-Malware Scan doesn't finish

Hi

You can try to upload and run this PHP script:

<?php
echo ini_get('max_execution_time');
?>

Then, run the scan again and measure the time it takes until it stops. Does it match the value returned by the PHP script? If it does, it means you may have a limitation at your server level. Although the scanner increases the execution time, your host may not allow that and block it anyway.

Hi there, same problem as reeve.

It seems to be the execution time limitation that you talk about, because it stops counting files at the time de script returned.

(Tested it in 6 different webssites, in different hosting provider)

Are you planing to publish a new release that works in this kind of environment (shared hosting)?

Thanks in advance, and go on with this great job!

If this is a restriction at the server/host level, there is nothing you can do.
Here is a new (and better) script to verify if that is a restriction issue. Upload it to your site, and paste the output here:

<?php
$res = ini_get('max_execution_time');
echo "Max execution time is set to: $res seconds<br />";
echo "Attempting to change it via 'ini_set': ";
if ( ini_set('max_execution_time', 0) === false ) {
   echo "Failed.<br />";
} else {
   echo "Success.<br />";
}
echo "Attempting to change it via 'set_time_limit': ";
if ( set_time_limit(0) === false ) {
   echo "Failed.<br />";
} else {
   echo "Success.<br />";
}
?>

Hey nintechnet,

thanks four your reply. I uploaded the new script and got following output:

Max execution time is set to: 30 seconds
Attempting to change it via 'ini_set': Success.
Attempting to change it via 'set_time_limit': Success.

What can I do next, to make it work?

kind regards
-reeve

That means your host kills any script after 30 seconds and that cannot be changed. But PHP says it can be changed. That’s confusing and that’s why NinjaFirewall cannot detect it.

There are a few workarounds that could be used to bypass that restriction. I will check which one is the most suitable and will implement it.

In the meantime, you can run 2 or 3 scans and exclude some file extensions.
1st scan: try to exclude all images, translation files and css. In the “Ignore file extensions” field enter:

css
po
mo
pot
jpg
jpeg
png
gif
tif

Save the option and run the scan.

2nd scan: if the first one was successful, exclude the PHP, HTML, JS files instead:

htm
html
js
php

You can also exclude one or more folder instead (/wp-admin/ or /wp-content/ or /wp-includes/ etc).

You will need to do that for the first full scan only. Afterwards, for any subsequent scan, use the “Scan files created/modified in the last” option:
– if you scan your site once every day, set it to “2”.
– if you scan every 7 days, set it to “8”.
There is no need to scan files that weren’t changed or created since the last scan, that would be a pure waste of time and resources.

Nice idea but that doesn’t work.

I put the first list in the “ignore file extensions”-field but the scan doesn’t continue again. This time after 53 files.

kind regards
-reeve

53 files? That’s a very low number. On an average server, it should scan at least 1000 file every 30 seconds.

What are your server specs? Can you check in the “NinjaFirewall > About…” page, click on “System Info” and paste here all lines starting from “PHP version” to “CPU model”?

• PHP version: 5.5.33-nmm1 (APACHE2HANDLER)
• HTTP server: Apache
• Operating System: Linux

There aren’t more informations.

Maybe change the PHP mode to CGI ?

kind regards
-reeve

Maybe changing your PHP SAPI to CGI could boost your server.
But in that case, you will need to add NinjaFirewall’s directives to your PHP INI file instead.
Currently, you should have something like this in your .htaccess:

# BEGIN NinjaFirewall
<IfModule mod_php5.c>
   php_value auto_prepend_file /full/path/to/wp-content/nfwlog/ninjafirewall.php
</IfModule>
# END NinjaFirewall

You would need to modify and add this code to your PHP INI (either php.ini or .user.ini, depending on your host config):

; BEGIN NinjaFirewall
auto_prepend_file = /full/path/to/wp-content/nfwlog/ninjafirewall.php
; END NinjaFirewall

/full/path/to/ should be replaced with the correct value matching the one found in your .htaccess.

Hey nintechnet,

The Anti Malware Scan works like a charm on my new configured 5.6 FCGI environment.

Thanks for your support.

Kind regards
-reeve

Hey nintechnet,

I’m back again with the same issue. I noticed it a long time ago as my website grew just a little more with more files.

I just tried to set up the max php execution time in htacces via:

php_value max_execution_time 180

And voila your script showed me

Max execution time is set to: 120 seconds

But the Anti-Malware won’t finish. I timed it with my watch and the result: Right after 22 seconds your Plugin scanned 4597 files and after that it doesn’t happen anything. After a few more seconds your alert is popping up that I might cancel the script.

Any ideas whats up to it?

Kind regards
-reeve

Hi,

Maybe your hosting company set the limit to 20s, and changing the max_execution_time directive does not have any effect?

Are you using the “Timestamp” option to scan only files modified since last successful scan?