Database changes detected

NinjaFirewall takes all admin accounts data, makes a hash and saves it. Then, later on, it does it again and compares both hashes. If they don’t match, it warns you.
For whatever reason, this could be a false alert. This can happen but it has to be very seldom, not everyday

I got 16-17 e-mails until now and i really dont understand whats wrong with it.

1. Copy/paste the following code to a file, name it whatever.php, upload it into the WordPress root folder, go to https://your-blog/whatever.php, copy and save the output. Delete the script.
2. Wait to receive another alert from NinjaFirewall and then upload/run again the script and compare the results.

<?php
header('Content-type: text/plain');
require __DIR__ .'/wp-config.php';
$admin = get_users(
   array( 'role' => 'administrator',
      'fields' => array(
         'ID', 'user_login', 'user_pass', 'user_nicename',
         'user_email', 'user_registered', 'display_name'
      )
   )
);
print_r( $admin );

Don’t forget to remove the script from your site.

I have tested it and the informations are the same so nothing changed.

`Array
(
[0] => stdClass Object
(
[ID] => 1
[user_login] => same
[user_pass] => same
[user_nicename] => same
[user_email] => same
[user_registered] => same
[display_name] => same
)

)

Is it a multisite?

Just came here for the same reason. I actually used to get these multiple times per day back a couple of years ago, but they went away after a previous update.

However, they seem to have returned. 2 today so far. The first one looked like this:

Total administrators : 1

Admin ID:
-user_login:
-user_nicename:
-user_email:
-user_registered:
-display_name:

But the second one, just received, had all of my info after the field names.

Can you give me the list of plugins that are enabled on your blog? Any caching plugin?

Multisite? I just have wpml language plugin so there are 3 language options on the web site. I still have these emails per day and got a lot of emails..

I have wp rocket cache plugin and if you r asking me the plugin list, i can share it with you.

I think it is related to your caching plugin.
NinjaFirewall simply calls the WordPress get_users function but it looks like sometimes, when a caching plugin is installed, this function returns an empty value. It must be related to database or object caching I suppose.
I will check if I can change the code, maybe to use WP_User_Query instead.

I have made a small change to the function that is used to monitor the DB: https://plugins.trac.www.ads-software.com/changeset/2125836/ninjafirewall/trunk/lib/utils.php?old=2118697&old_path=ninjafirewall%2Ftrunk%2Flib%2Futils.php

For those who want to try it:
1. Make sure you are running NinjaFirewall WP 4.0.1.
2. Download this script: https://plugins.trac.www.ads-software.com/export/HEAD/ninjafirewall/trunk/lib/utils.php
3. Over FTP, upload it into your wp-content/plugins/ninjafirewall/lib folder and override the current utils.php script.

Thanks for the support but it is still same.

Can you check the configuration of your caching plugin: did you enable any option related to database or object caching?

I haven’t done any changes except updating plugins, not changed / enabled or disabled any options. If you wanna check this, i can give you an admin account.

I’m not familiar at all with the wp rocket cache plugin, but if you go to its settings page, do you see any options related to database or object caching? Which one, if any, is enabled?