Ok, so it shows that the scan completed in 2898 seconds, which is a little over 48 minutes — it is still high for most sites without any of the aggressive scan options set.
Wordfence does still count the excluded files and the disk space they use, even when it does not scan the contents, so that will not change — normally the “Exclude files …” option is used by people who want to skip scanning of a few .zip or .sql files or from a backup plugin, so the scan process definitely is not optimized for skipping tens of thousands of files. Simply listing the files still shouldn’t take 40+ minutes on most servers, though.
If you want to send me a detailed scan log, I can take a look to see where it is spending all of its time, or you can look directly, by clicking the “View activity log” link below the Scan Detailed Activity box — and to see details on each file (with timestamps), you can use the “Enable debugging mode” option on the Wordfence Options page, near the bottom. Just make sure to disable it after the scan, as it does make the scan slower, and saves the extra log info in the database. If you want to send it to me, click the link “Email activity log” after the scan has finished, and enter my email address: mattr (at) wordfence.com
Since the scans are finishing now, the full scan log with debugging info could help narrow down what area is still slow.
Since you reinstalled the plugin, make sure “Disable config caching” is turned on again, since you had problems with it before. (Usually any issues here are from file permissions, or more rarely, file locking issues on the host.)
Also, make sure these are still disabled:
- Scan files outside your WordPress installation
- Scan image files as if they were executable
- Enable HIGH SENSITIVITY scanning. May give false positives
-Matt R
