Security rules update

Does the message go away after a few minutes, or does it stay permanently?

Hi,

Thanks for your answer
It stays permanently, even when I do a manual update.

It looks like you’re having issue with WordPress WP Cron (events scheduler).
Do you receive NinjaFirewall security rules update and daily report email notifications?

You can install this plugin: https://www.ads-software.com/plugins/wp-crontrol/
Enable it, then go to “Tools > Cron Events”. Do you see any error, warning or notice?

I have a lot of warnings as the Following:

wpo_weekly_cron_tasks None 2021-02-09 16:35:09 1 hour 38 minutes None Once Weekly

I know that I can delete the warnings corresponding to deleted plugins.

Thanks

Do you receive NinjaFirewall security rules update and daily report email notifications?

I receive notifications about installing plugins. Also I received NinjaFirewall security rules update when I update manually.

Do you have another security plugin or similar protection that could block WP Cron?

In the list of cron events, can you see the following ones, which are all belonging to NinjaFirewall:
-nfsecupdates
-nfwgccron
-nfdailyreport

If you see them, is their “Next Run” date in the future or in the past?
If you don’t see them, can you disable and re-enable NinjaFirewall from the “Plugins” page. When you re-enable it, it will check the cron jobs and recreate them.

Lastly, do you see any error in the “NinjaFirewall > Dashboard” page?

“Do you have another security plugin or similar protection that could block WP Cron?”

I had before and I deleted them. I have loaded Ninja Scanner.

“In the list of cron events, can you see the following ones, which are all belonging to NinjaFirewall:
-nfsecupdates
-nfwgccron
-nfdailyreport

If you see them, is their “Next Run” date in the future or in the past?”

I have a Multisite install example.com with two subfolder sites example.com/es and example.com/en. The main site is empty and redirects to example.com/es.
I can see the cron nf only in the backend of the main site, “Next Run” date is in the the past, all the cron events are failing in the main site. In subsites I have only warnings from Yoast plugin.

Lastly, do you see any error in the “NinjaFirewall > Dashboard” page?

I don’t see errors in the dashboard

Thanks for your time.

There’s a problem with your WP cron, it’s obviously not working.

Can you check the WordPress “Tools > Site Health” page on the main site for errors and warnings?

Only in the main site I see the following:

The scheduled event, wp_scheduled_auto_draft_delete, failed to run. Your site still works, but this may indicate that scheduling posts or automated updates may not work as intended.

Indeed, this is an issue with the WordPress cron that is not working. Automated updates and scheduled events from plugins such as NinjaFirewall won’t work, which is quite a problem.
Maybe check your server HTTP logs for POST requests to the wp-cron.php script such as this one:
127.0.0.1 - - [12/Feb/2021:14:07:15 +0700] "POST /wp-cron.php?doing_wp_cron=1613113634.6234180927276611328125 HTTP/1.1" 200 5 "https://example.com/wp-cron.php?doing_wp_cron=1613113634.6234180927276611328125" "WordPress/5.6.1; https://example.com" "-" "example.com"

This shows a POST resquest to the /wp-cron.php script that returned a successful “200” HTTP code.

I found the following with my server IP

45.77.XXX.XXX - - [12/Feb/2021:17:09:55 +0000] "POST /wp-cro n.php?doing_wp_cron=1613149794.6898539066314697265625 HTTP/1 .0" 302 790 "https://example.com/wp-cron.php?doing_wp_cron =1613149794.6898539066314697265625" "WordPress/5.6.1; https: //example.com X-Middleton/1"

What should I do?

I fixed the redirection in the htaccess file and most of the events don’t have warnings now.

However, before I deleted the ninja cron events, I disable and enabled de plugin, but it didn’t recreate the events.

The error message in the security rule, isn’t there any more. I had to choose a manual update

Thanks for your time

Disabling and reactivating the firewall from the “Plugins” page should recreate the cron events. If that doesn’t work, you can export your configuration from the Firewall Options page and then simply reimport it immediately. That too should recreate the cron events.

Export and reimport worked!
Thanks!!!