• Resolved martenw

    (@martenw)


    Hi,
    I have defined a custom role for the users of our site. The site uses BuddyPress with the BP Docs plugin. Users are able to create documents of small size (less than 40K) but when uploading bigger files a 403 error occurs. Disabling the rule Malicious File Upload (PHP) solves the problem.
    Is it possible to add an exception for a custom role for this rule?

    regards,

    Marten


Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @martenw, thanks for getting in touch.

    If this isn’t an issue that can be resolved by Learning Mode, and I suspect it isn’t due to the filesize rather than the upload itself being the problem, then I think it could be a setting on your server/php.ini.

    Double-check the PHP and server timeout settings, along with php.ini’s upload_max_filesize, post_max_size and max_file_uploads, as the problem could be related to settings outside of Wordfence’s control: https://www.tecmint.com/increase-file-upload-size-in-php/

    Let me know how you get on, you may need to speak to your host if any of those settings seem to be restricting you but can’t be changed from your hosting control panel.

    Thanks,

    Peter.

    Thread Starter martenw

    (@martenw)

    Hi Peter,
    Learning Mode doesn’t solve the problem.
    The file .user.ini only contains an auto_prepend_file line for Wordfence.
    The upload_max_filesize and post_max_size are both 64M. I can’t find the max_file_uploads, but I’m sure only one file is uploaded simultaneously.
    However I don’t think this is the problem because a user with the role author, editor or administrator can upload files.
    Adding a line to the file rules.php for the custom role also solves the problem. Unfortunately this will be overwritten during an update.

    Regards,

    Marten

    Plugin Support wfpeter

    (@wfpeter)

    Hi @martenw, thanks for your response.

    Please can you send a diagnostic report to wftest @ wordfence . com so that I can check these settings? You can find the link to do so at the top of the Wordfence Tools > Diagnostics page. Then click on “Send Report by Email”. Please add your forum username where indicated and respond here after you have sent it.

    I may be able to make an alternative suggestion for your rules.php addition if you include here what line exactly you needed to add. I’ll see if that can be accommodated anywhere in your settings or config files so that it is not superseded with an update.

    Thanks again,

    Peter.

    Thread Starter martenw

    (@martenw)

    Hi Peter, I added the two lines under the line
    `$this->rules[76] = wfWAFRule::create($this, 76, NULL, 'file_upload', '100', 'Malicious File Upload (PHP)', 0, 'block', new wfWAFRuleComparisonGroup(new wfWAFRuleComparison($this, 'currentUserIsNot', 'administrator', array(wfWAFRuleComparisonSubject::create($this, 'server.empty', array (
    )))), new wfWAFRuleLogicalOperator('AND'), new wfWAFRuleComparison($this, 'currentUserIsNot', 'subscriber', array(wfWAFRuleComparisonSubject::create($this, 'server.empty', array (
    )))), new wfWAFRuleLogicalOperator('AND'), new wfWAFRuleComparison($this, 'currentUserIsNot', 'employee', array(wfWAFRuleComparisonSubject::create($this, 'server.empty', array (`

    Plugin Support wfpeter

    (@wfpeter)

    Hi @martenw, thank you for the additional information.

    The original issue is likely not a case of the size of the file and more likely that image files over a certain size are way more likely to contain stuff that “looks” like PHP, e.g. <? type character matches.

    We’d recommend that you disable the Wordfence > All Options > Rules > Malicious File Upload rule altogether if you’re having trouble rather than worry about the insertion of your own custom rules that could be overwritten with updates. Custom roles are not necessarily fully supported right now so it’s mainly to prevent other issues cropping up.

    Thanks,

    Peter.
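
An added example, not part of the thread and not Wordfence code: a Python sketch of the false-positive explanation in the reply above, showing how quickly the chance of a stray `<?` grows with file size and where such sequences sit in a blocked file. It assumes bare PHP open tags as the matched pattern (the rule's real pattern is not shown in the thread) and treats compressed file data as uniformly random bytes; all names are hypothetical.

```python
import sys

# Assumption: bare PHP open tags stand in for content that "looks like PHP";
# the pattern the Wordfence rule really uses is not shown in the thread.
MARKERS = (b"<?php", b"<?=", b"<?")  # most specific first


def find_php_like(data: bytes, context: int = 8):
    """Return (offset, marker, nearby bytes) for every '<?' in data."""
    hits = []
    pos = data.find(b"<?")
    while pos != -1:
        tail = data[pos:pos + 5].lower()
        marker = next(m for m in MARKERS if tail.startswith(m))
        nearby = data[max(0, pos - context):pos + context]
        hits.append((pos, marker.decode(), nearby))
        pos = data.find(b"<?", pos + 1)
    return hits


def chance_of_short_tag(size: int) -> float:
    """Approximate chance that `size` uniformly random bytes contain b'<?'.

    Each of the size-1 adjacent byte pairs matches with probability 1/65536;
    treating the pairs as independent is an approximation.
    """
    pairs = max(size - 1, 0)
    return 1.0 - (1.0 - 1.0 / 65536) ** pairs


# Constructed sample: JPEG-like header, filler, a stray '<?' and a real tag.
SAMPLE = b"\xff\xd8\xff\xe0" + b"A" * 10 + b"<?\x00\x01" + b"<?php echo 1;"

if __name__ == "__main__":
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE
    for offset, marker, nearby in find_php_like(data):
        print(f"offset {offset}: {marker!r} in {nearby!r}")
    for size in (4 * 1024, 40 * 1024, 1024 * 1024):
        print(f"{size:>8} bytes: {chance_of_short_tag(size):.1%}")
```

A bare `<?` surrounded by binary data points to a false positive, while a `<?php` followed by readable code does not, which is worth checking on a blocked file before the rule is disabled.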

  • The topic ‘Blocking upload’ is closed to new replies.