Rule Update Failed No rules were updated.

Hello, @weltenraum

Could you please send over your Wordfence diagnostics report for me?

To do that, please go to the top of the “Diagnostics” tab on the Wordfence “Tools” page. There will be a “SEND REPORT BY EMAIL” button to send the diagnostics report. Enter wftest [at] wordfence [dot] com as the email and weltenraum as the forum username and send that over.

Once you have sent the diagnostics report, please reply here to let me know that it was sent that way I can go ahead and take a look.

Also, can you confirm if the rules file was recreated after deleting it? If it was, try using the Manually Refresh Rules button in Wordfence > Firewall > All Firewall Options > Rules, and after clicking that, check the time/date for when the rules.php file in the wflogs folder was modified. If it is today’s date, the file may be updating but the error may be showing, which we have seen a few times in the past.

Thanks,
Scott

Dear Scott,

I’ve sent the diagnostic report.

Yes, the rules.php file was recreated with 0 bytes.

I’m afraid I’ve tried too often to update the rules. The last change to the file was yesterday, on January 3rd.

br, weltenraum

Thanks for getting back.

Can you or your hosting provider run this command from your hosting server and let me know the output please?

curl -v noc4.wordfence.com

That should give us an idea if you’re able to communicate with our server for the rules update.

You will want to be sure your hosting provider is not blocking outbound connections to our IP address range in some way. Our IPs can be found here: https://www.wordfence.com/help/advanced/#servers-and-ip-addresses

Thanks,
Scott

the answer von my hosting provider

I was happy to check the circumstance, but regardless of the server (external/internal, with/without activated firewall) no connection was possible via curl -v noc4.wordfence.com, while access via curl -v noc4.wordfence.com:443 worked, so I would currently rule out that the connection is blocked by our side.

Thanks for your patience, @weltenraum.

Can you have your host try the following from the server, and please have them send over the results for us to take a look at:

traceroute -M tcp -p 443 noc4.wordfence.com

You can send that information over in a reply here, or send it to wftest @ wordfence dot com and use your forum username as the subject line. Please let me know here when that is sent.

Scott

Thanks @weltenraum, and sorry for the delay.

The traceroute looks good. A few options:

First, you could try increasing your max_execution_time on your configuration. Currently, it is set to 30. Increasing that to 60 to see if a manual refresh of the rules works may be a good first step. If it fails and rules do not update over the next day or so, you could reduce that back to your current setting.

The second option is trying the MySQLi storage engine. This will store the rules and firewall configuration (wflogs) in the database rather than the file system.

Here is our documentation on setting that up:
https://www.wordfence.com/help/firewall/mysqli-storage-engine/

Basically, for that, you will need to add this to your “wordfence-waf.php” file:

define('WFWAF_STORAGE_ENGINE', 'mysqli');

When you add that, give it a few moments and check your Wordfence > Tools > Diagnostics area in the Wordfence Firewall Current WAF Configuration section, check the Active WAF storage engine field to see if it says file system or MySQLi storage engine.

If it has switched to MySQLi, try updating the rules again manually from the Wordfence > Firewall > All Firewall Options > Rules area.

Thanks,
Scott