File Change Emails NOT Sent

  • File change warning emails are not being sent. Mail logs do not show any attempt at sending file change warning emails. I have tried manually scanning, and also leaving for schedule to scan, neither method sends an email. The itsec logs are showing file changes.

    Backup database emails are sending fine, just not file change warnings. Digest setting is disabled.

    This issue is happening across multiple sites, hosts, and even my local test environment.

    I haven’t received a file change email from multiple sites for past few days. I recently updated all plugins (including iThemes Security) and WordPress core, so I suspect it is something with latest WP core, or combination of latest WP core and latest version of iThemes Security plugin.

    Anyone else experiencing this issue?

    https://www.ads-software.com/plugins/better-wp-security/

Viewing 7 replies - 16 through 22 (of 22 total)

  • Thanks for the explanation. Hmmm interesting … you just opened my eyes …

    So the code fix implemented for presumably the following 4.4.15 changelog entry:

    Fixed: Notification emails will no longer send if not turned on

    turns out to be incomplete (or even perhaps unnecessary …).

    So why checking the setting(s) twice ? That doesn’t make any sense.
    In the entire iTSec plugin code base there are only 2 execution paths that lead to the execution of the notify() function.

    1. do_lockout() -> lockout() -> send_lockout_email() -> notify()
    2. execute_file_check() -> send_notification_email() -> notify()

    And the send_xxx_email() functions are only executed when the respective settings are enabled.

    I think apart from completing the condition in the notify() function it is probably also safe to simply remove it.

    I’ll do a couple of tests generating all types of lockouts (BFP host lockouts, 404 host lockouts, BFP user lockouts, BFP username lockouts and BFP admin user lockouts) as well as running scheduled FCD scans while the relevant settings are both disabled.
    If any Lockout or FCD email still gets send we know we really need that extra condition in the notify() function.

    dwinden

    Ok, just completed testing.

    Removed the extra condition(s) in the else statement of the notify() function (as added in the 4.4.15 release). Disabled both Email Lockout Notifications and Email File Change Notifications settings.
    Enabled 404 Detection. Lowered Error Threshold from 20 to 5.
    Enabled FCD.
    Saved settings.

    Then generated the following type of lockouts:

    BFP host lockout (1x invalid login attempt using ‘admin’ user)
    BFP host lockout (5x invalid login attempts)
    404 host lockout (5x access non existing page)
    BFP user lockout (10x invalid login attempts using valid user)
    BFP username lockout (10x invalid login attempts using invalid user)

    Also triggered a scheduled FCD scan which resulted in file changes found.

    NO emails received. NONE. NADA.

    Then enabled the Email File Change Notifications setting (The Email Lockout Notifications setting is still disabled).

    Triggered another scheduled FCD scan which resulted in file changes found.

    And … yesss a FCD email is send.

    So the best and simplest solution for fixing the issue as reported in this topic is to change the following line in the notify() function:

    } elseif ( isset( $itsec_globals['settings']['email_notifications'] ) && $itsec_globals['settings']['email_notifications'] === true ) {

    to:

    } else {

    dwinden

    @damian_au

    I guess this topic can be marked as ‘resolved’.

    dwinden

    Thread Starter Damian_AU

    (@damian_au)

    @dwinden

    Great job on all your testing, and finding a more simple solution. Given my solution was working I was content with leaving it until the plugin developers fix it, as I simply didn’t have the time to continue troubleshooting.

    Given the developers have yet to fix the code I was reluctant to mark this topic as ‘resolved’. However if it helps people find a solution to the problem, I’m happy to do so.

    Thanks again for all your help, and good luck with finding your new job.

    Thread Starter Damian_AU

    (@damian_au)

    Email File Change Notifications still not working when Email Lockout Notifications is disabled, as at v5.1.0.

    Perhaps I shouldn’t have marked this topic as ‘resolved’ as it clearly hasn’t been, hence I have changed back to ‘not resolved’.

    I find it extremely frustrating that unless someone purchases something from iThemes, there seems to be no way of contacting their support team.

    @damian_au

    Indeed the bug as described in this topic is still not fixed in the 5.1.0 release.

    According to the FAQ section in the plugin readme.txt file:

    = Where can I get help if something goes wrong? =
    * Official support for this plugin is available for iThemes Security Pro customers. Our team of experts is ready to help.

    Free support may be available with the help of the community in the www.ads-software.com support forums (Note: this is community-provided support. iThemes does not monitor the www.ads-software.com support forums).

    dwinden

    @damian_au

    Would adding a piece of fixed code to the active theme functions.php file in order to replace the ITSEC_Notify::notify() class method be any help ?

    I suppose this depends on whether the active theme used is regularly updated … (and thus the functions.php file replaced).

    Anyway using fixed code in the active theme functions.php file would make
    the fix stick after any iTSec plugin update …

    Did a quick test and it seems to work fine ??

    dwinden

Viewing 7 replies - 16 through 22 (of 22 total)
  • The topic ‘File Change Emails NOT Sent’ is closed to new replies.