error in latest update 6.3.7

have now had to swich Wordfence off as unable to edit posts with it on.
(was getting Whitescreen on any post or edit post page)

Getting the same error for one of our sites, too. Trying different maximum execution times to see if that will break this logjam…

Hi @wpelvis,

I’m sorry you’re experiencing this issue with the latest Wordfence update.

We are aware of this problem and it has been reported to our development team so it can be addressed in the next update.

For now, I suggest you increase the PHP maximum execution time. This can be done by adding/updating a line in either wp-config.php or .htaccess or php.ini:

In wp-config.php
set_time_limit(60);
Important – If you are making changes in wp-config.php, then add the line above “/* That’s all, stop editing! Happy blogging. */” comment.

In .htaccess
php_value max_execution_time 60

In php.ini
max_execution_time = 30 ;

Alternatively you could also temporarily disable the “Scan posts for known dangerous URLs and suspicious content” and “Scan comments for known dangerous URLs and suspicious content” features then run a new scan.

• This reply was modified 7 years, 7 months ago by wfyann. Reason: Spelling

I did mention that I had already tried the suggestios.
I tried switching off nearly every scan and upping the php values and nothing helped.
I was unable to run a scan without getting a fatal error and I was unable to edit any posts.
I also have Sucuri installed and that was unable to show logs.
I have reverted to the previous version and everything works fine again.

This Update has also broken our site hosted at NSI. NSI says they are seeing an issue with Wordfence now stopping Backups and Restores .. In my case WF did its auto update yesterday and then broke the site and DataBase. NSI is now working to stop WF .. Whats going on with WordFence and Network Solutions and this Patch!.

It does seem to affect the File permission.. Sadly as it did this it has forced us to try to restore the backups. as soon as we do it tries to Auto update and then Breaks the site and DB.

@wpelvis,

Sorry the workarounds didn’t resolve the issue for you.

Other users experiencing the same problem reported that disabling both the “Scan posts for known dangerous URLs and suspicious content” and “Scan comments for known dangerous URLs and suspicious content” features allowed the scans to complete.

If it’s not working for you then we might be looking at a different problem/cause.

Could you confirm where you modified the value of the PHP maximum execution time? Is it in wp-config.php, .htaccess or php.ini?

Could you also please confirm the PHP version you’re running?

Another way to get more information would be to enable the WP_DEBUG mode.

Any idea whats going on with NSI ? and Word Fence There techs tell us they have been removing it from NSI sites and they think it does not really offer any security anyway. I am not sure about that but do find it odd that NSI knows WordFence and its servers are now having a DOA issue after the last WF update. I to no longer have it running and now have the site back. :(. FYI the site was on PHP 5.2 and MYsql 5.0 Now that i have it back up I have updated to PHP 7 and Mysql5.6 .

Sorry to jump in on this as I’ve already posted in another thread and raised a support ticket as I have the premium version but following this thread makes me wonder if this might be specific to certain shared server configs?
I have Wordfence installed across multiple sites (single and Multisites) all on different shared hosting platforms but the only one I’m having an issue with since update (so far anyway) is hosted on a Network Solutions shared server. I have changed my wp-config settings but the minute I load Wordfence the site falls over.
I’m able to load and activate other security plugins, just not Wordfence.

Hi @wfyann
thanks for reply:
PHP version 5.3.29
PHP memory limit 256M
PHP upload max filesize 24M
PHP post max size 32M
PHP max execution time 45
PHP max input time 60

I changed the execution time in wp-config

I have only just taken over this site, so just putting this has made me realise that the PHP version is outdated so I need to sort that out.
Could that be what is causing the problem?

wpelvis,

Regarding the error message you mentioned in your first comment, “wordfenceURLHoover.php on line 122” this is related to a specific scan feature. We’ll try to fix it asap, but you definitely should be able to get your scans working again by disabling certain options. Which options, depends on bit on what your site looks like. Try:

1. Disabling the scan option “Scan posts for known dangerous URLs and suspicious content” if you have a lot of posts with URLs
2. Disabling “Scan comments for known dangerous URLs and suspicious content” if you have a lot of comments with URLs
3. If you have a lot of regular FILES with URLs, you may have to turn of the whole malware scanning option: “Scan file contents for backdoors, trojans and suspicious code”

To avoid 3 above, you may also be able to exclude the directories that contain those files from scan via the option “Exclude files from scan that match these wildcard patterns”. If your site has a lot of PDFs, you may also be able to just disable the option “Scan images, binary, and other files as if they were executable”.

I have debugged this error on a few sites already, and one or a combination of the above have worked.

However, I will say that PHP version 5.3.29 is not exactly great, and you should get PHP upgraded. At Wordfence we recommend at the minimum PHP 5.6, preferably PHP 7.0. If you check out this chart https://php.net/supported-versions.php you’ll see that any version below 5.6 is no longer supported by the developers of PHP. No updates, no security fixes, nothing. So you should definitely upgrade. That will help with performance too.

smellycat3, awack, Karen_R, whether you think you have the same issue or not, please start you own threads. Describe your situation in as much detail as possible in your first messages.

Thanks!

I turned off all scans one by one and i couldn’t get it to work.

Also as soon as it was turned on, without scanning, it affected my Posts Edit page (blank screen) and Sucuri.

and yes upgrading the PHP was on my ‘todo’ list already but it is a large site and the theme is customised so I need to check it first.

“smellycat3, awack, Karen_R, whether you think you have the same issue or not, please start you own threads. Describe your situation in as much detail as possible in your first messages.”

Umm that seems silly when we are all talking about your plugin Crashing our sites. And we all have Time issues here so we are all searching the web for answers.
Tell you what ill just Take what Network Solutions says as Fact and that your plug in is not Stable or even worth the issue. Thus NSI is removing it from all NSI sites.

Later!.

awack, this thread is about a specific scan error (wordfenceURLHoover.php on line 122). Your issues is different – some type of compatibility problem with the PHP setup in OpenResty on Network solution hosting. It sounds like Network solutions are removing Wordfence instead of upgrading PHP. That’s obviously not good. But if you want to discuss it you need to create your own thread. Thanks!

wpelvis, when you get the white screen on the posts pages, are there any errors added in the php error logs? If so, what are they?