• Resolved slui

    (@slui)


    Hi,

    I just installed the latest version and it is causing problems with the following major plugins (all latest versions):

    1. Backup Buddy
    2. Gravity Forms
    3. Justified Image Grid

    Wordfence has told me that all these plugins have malicious code. The previous version made no mention of this and now it is?

    Need help in getting this resolved.

    sl

    https://www.ads-software.com/plugins/wordfence/

Viewing 7 replies - 16 through 22 (of 22 total)
  • Updated to version 4.0.2 this morning. I attempted to block a network from whois lookup and received this error

    You are trying to block yourself. Your IP address is (67.xx.xx.xx) which falls into the range of 144.76.0.0. This blocking action has been cancelled so that you don’t block yourself from your website.

    My IP range does not fall into the range shown. This error pops up each time I attempt to block a range of IPs. Is this caused by the plugin?

    Hi Mark,

    Thanks for the devoted involvement. I’m just thinking of what would happen if the hacker uses, let’s say, `eval (...` or `eval
    (` – I just checked and PHP seems to be fine with the parenthesis being on a new line or with any amount of whitespace between the function name and the parenthesis.

    Technically in all cases that I’ve seen a hacker’s code it’s usually on one line with no spaces whatsoever, but if I was a hacker and just adding some whitespace would allow me to go around the scans – I would totally do that.

    I think that regex is (unfortunately) the only option in this case – I know that it’s way more expensive, especially if you’re parsing big files, but I don’t know if there is an alternative (except maybe parsing the files with https://php.net/token_get_all – but I don’t know which one would be faster/more reliable).

    Nikola
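
An added example (not part of the original posts and not Wordfence's code) comparing the approaches named in the reply above: a plain substring match, a regex that tolerates whitespace, and `token_get_all`. The function names and the sample inputs are constructed for this illustration.

```php
<?php
// Added example: three ways a scanner can look for a call to eval in PHP source.
// All sample inputs below are constructed for this illustration.

/** Substring match: cheap, but any whitespace before "(" defeats it. */
function naive_has_eval(string $src): bool {
    return stripos($src, 'eval(') !== false;
}

/** Regex: allows any amount of whitespace, including newlines, before "(". */
function regex_has_eval(string $src): bool {
    return preg_match('/\beval\s*\(/i', $src) === 1;
}

/** Tokenizer: a real T_EVAL token followed by "(", ignoring whitespace and comment tokens. */
function token_has_eval(string $src): bool {
    $tokens = token_get_all($src);
    $n = count($tokens);
    for ($i = 0; $i < $n; $i++) {
        if (!is_array($tokens[$i]) || $tokens[$i][0] !== T_EVAL) {
            continue;
        }
        for ($j = $i + 1; $j < $n; $j++) {
            $t = $tokens[$j];
            if (is_array($t) && in_array($t[0], [T_WHITESPACE, T_COMMENT, T_DOC_COMMENT], true)) {
                continue; // not significant, keep looking for the parenthesis
            }
            if ($t === '(') {
                return true;
            }
            break;
        }
    }
    return false;
}

$samples = [
    'compact'      => '<?php eval($x);',
    'space'        => '<?php eval ($x);',
    'newline'      => "<?php eval\n    (\$x);",
    'string only'  => '<?php echo "call eval (later)";',
    'comment only' => '<?php // eval ($x) was removed',
];

foreach ($samples as $name => $src) {
    printf("%-13s naive=%d regex=%d token=%d\n", $name,
        naive_has_eval($src), regex_has_eval($src), token_has_eval($src));
}
```

The substring check only fires on the compact form. The regex fires on all five samples, including the string and the comment, which are false positives, while the tokenizer flags only the three real calls.
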

    Plugin Author Wordfence Security

    (@mmaunder)

    barker2k: That’s been fixed in 4.0.3.

    nikolov: I’m aware of this and we actually have a huge number of regex patterns we also use which pick up tricks like this. However we’re constantly working to improve and as I added those parens I thought about the “eval (” case you mentioned. However, this release erred a little too far on the side of over-detection at the cost of convenience. So we had to pull back a little with 4.0.3 and we’ll keep pushing forward making an effort to avoid inconvenience.

    Regards,

    Mark
    PS: If you found this helpful, please rate Wordfence 5 stars.
    https://www.ads-software.com/plugins/wordfence/

    I downloaded the 4.3 version, ran a scan and still get the Backup Buddy error/warning messages.

    I see this topic is about 7 months old, but it pertains to me today. I installed Wordfence this morning then Backup Buddy right after. Backup Buddy wouldn’t back up, though, because of the Wordfence tables. I had to use the database table Exclusion picker on Backup Buddy to temporarily exclude all the WF tables from the backup to successfully run the backup.

    Can this be resolved in Wordfence so BackupBuddy can include the WF database info in the backup?

    Thanks

    DrStone

    Sorry you are having issues with the plugin. I can’t speak for the backup buddy plugin since I don’t work on it. We’d need to know what error you were seeing about the WF tables to begin troubleshooting. Your issue does seem to be different from the OP’s problem which was reporting the plugins had ‘malicious code’.

    Please open a new post and let us know your WP version, along with the versions of WF and BB.

    Thanks!

    tim

    Since the update I’m having big problems and just can’t do normal things to update my website. Add media, link, widgets, featured media, all these buttons are dead.
    I’ve tried deactivating/activating each plugin and nothing happened. The only thing that is “better” is the number of spam comments that is a record. I really need some help.

  • The topic ‘Latest version causing major issues with major plugins’ is closed to new replies.