• Resolved solventweb

    (@solventweb)


    Hi there, thanks for a great plugin!

    Starting last month, Wordfence scans are failing on 5 of my sites. (I maintain other sites that aren’t affected fyi.) Do you know what might cause this? Here are the last entries in the log before it stops responding…

    [Feb 15 19:11:48:1676488308.063677:2:info]?Done file contents scan
    [Feb 15 19:11:48:1676488308.060491:2:info]?Done host key check.
    [Feb 15 19:11:47:1676488307.828934:2:info]?Checking 1863 host keys against Wordfence scanning servers.
    [Feb 15 19:11:47:1676488307.820241:2:info]?Asking Wordfence to check URLs against malware list.
    [Feb 15 19:11:47:1676488307.819998:2:info]?Scanned contents of 2824 additional files at 53.17 per second

    Btw I’ve tried disabling the following features of the scan. It didn’t make any difference…

    Scan posts for known dangerous URLs and suspicious content
    Scan comments for known dangerous URLs and suspicious content
    Scan WordPress core, plugin, and theme options for known dangerous URLs and suspicious content
    Check the strength of passwords

    Thanks!

Viewing 14 replies - 1 through 14 (of 14 total)
  • Hi @solventweb

    Thanks for reaching out!

    Have you tried “start scans remotely” ? I would recommend trying this as well!

    Let me know how it goes!

    Best,

    Joshua

    Thread Starter solventweb

    (@solventweb)

    Thanks for your response. I tried that just now. Same result unfortunately.

    Hi @solventweb

    Thanks for letting me know

    Can you send a diagnostic report to wftest @ wordfence . com? You can find the link to do so at the top of the Wordfence > Tools > Diagnostics page. Then click on “Send Report by Email”. Please add your forum username where indicated and respond here after you have sent it.

    Thanks,

    Joshua

    Thread Starter solventweb

    (@solventweb)

    Much appreciated. I just sent the report.

    Hi @solventweb

    Thanks for sending that over.

    I would recommend enabling the PHP error log on one of the sites, and also enabling the plugin’s debug mode, then running another scan.

    After it fails, you can use the “email activity log” link to send us the complete scan log, and also check the error log for any new errors.

    Best,

    Joshua

    Thread Starter solventweb

    (@solventweb)

    Thanks for your reply. This is done.

    Hi @solventweb

    It looks as if you have sent over another diagnostics report.

    Would it be possible to send over the activity log instead?

    Thanks

    Thread Starter solventweb

    (@solventweb)

    Ah, sorry about that. Just sent it.

    Hi @solventweb

    Would it be possible to get back to us with your site URL so I can locate the activity log?

    Thanks,

    Joshua

    Thread Starter solventweb

    (@solventweb)

    Thanks for your reply. Unfortunately, I can’t post that publicly. So I just emailed it to wftest @ wordfence . com

    Hi @solventweb

    Thanks for letting me know!

    Can you temporarily turn off the scan option?Scan for out of date, abandoned, and vulnerable plugins, themes, and WordPress versions, and see if the scan completes properly? If it does, it’s likely one of your plugins is hooking into WP core incorrectly, and causing an error in a WordPress core function when we check plugins for updates.

    If that’s the case, In the meantime, you can find which plugin causes it, temporarily disable it if it is not critical to the site, or contact the plugin author (usually this is caused by plugins that are not from?www.ads-software.com). One way to check plugins for this issue is to go to the Plugins page, and click the “View details” link for each plugin, and see if one of them causes an error page.

    Thanks,

    Joshua

    Thread Starter solventweb

    (@solventweb)

    You are awesome! I was able to find the plugin causing the problem: WPBakery Page Builder v6.10.0. Can you provide me with some text I can pass along to the plugin author that explains the issue? For example, how might they be “hooking into WP core incorrectly”?

    Hi @solventweb

    Thanks!

    You can send this to the developers from us:

    When we’ve seen this issue a few times with other plugins, it has been because the plugin uses the WordPress hook?plugins_api?to provide their own update information similar to what plugins that are available on?www.ads-software.com?do automatically) but in some cases when the related?plugins_api()?function is called, the plugin returns a null value instead of the expected object, which causes a fatal error in WordPress core like: PHP Fatal error: Uncaught Error: Attempt to assign property “external” on null in wp-admin/includes/plugin-install.php:222

    A similar error might occur if the plugin returned an array instead of a null value. In older PHP versions, this only caused a warning, but in PHP 8.0 or 8.1 this is now a fatal error. So far, the easiest way to reproduce the issue even without Wordfence installed is by going to the site’s Plugins page while the affected plugin is active, and then clicking the “View Details” link for that plugin. This uses a similar plugins_api() call to retrieve plugin data, and could trigger the same error — but again, only on newer versions of PHP. WordPress core is still not officially PHP 8.0 compatible (noted by the “indicates beta support” footnote on this page: https://make.www.ads-software.com/core/handbook/references/php-compatibility-and-wordpress-versions/), and ideally they should prevent an invalid value from causing the error in plugin-install.php, but I’m not sure whether this is on their list to address yet, as we’ve only found it recently.

    I hope this helps!
    Thanks,

    Joshua

    Thread Starter solventweb

    (@solventweb)

    Perfect. Thanks for your help.

Viewing 14 replies - 1 through 14 (of 14 total)
  • The topic ‘Scan fails after “Done file contents scan”’ is closed to new replies.