Wordfence is scanning forever

  • Resolved MCosmin

    (@mcosmin)


    10 years, 9 months ago

    Hi,

    I installed wordfence I and I started a scan, but it didn’t stop. After six hours, it was still scanning. I disable the plugin and I reactivated it again, I restarted the scan, same thing. I killed the running scan and I started it again, same problem – the scan doesn’t stop.

    On Scan Summary I have:
    Preparing a new scan.Done.
    Remote scan of public facing site only available to paid membersPaid Members Only
    Fetching core, theme and plugin file signatures from WordfenceSuccess.
    Fetching list of known malware files from WordfenceSuccess.
    Comparing core WordPress files against originals in repositorySecure.
    Skipping theme scanDisabled [Visit Options to Enable]
    Skipping plugin scanDisabled [Visit Options to Enable]
    Scanning for known malware filesSecure.
    Scanning file contents for infections and vulnerabilities
    Scanning files for URLs in Google’s Safe Browsing List

    On the last two items the scan doesn’t stop.

    On Scan Detailed Activity I have:

    Starting scan of file contents

    What should I do to make the scan working?

    https://www.ads-software.com/plugins/wordfence/

Viewing 15 replies - 16 through 30 (of 31 total)
  • Thread Starter MCosmin

    (@mcosmin)

    Hi Mark,

    Did you test this plugin on LiteSpeed server? Wordfence is working on LiteSpeed?

    Plugin Author Wordfence Security

    (@mmaunder)

    I haven’t tested it on litespeed. But I understand we have a few users who are using it in that environment. If I have time I’ll test it there. If your host has any errors they could forward to me that would be helpful.

    Regards,

    Mark.

    I’ve been having the same issue for about 2 weeks. Perhaps an update messed it up, as it was fine before that.

    It gets up to “Scanning posts for URL’s in Google’s Safe Browsing List” and then gets stuck there (for days). Always the same step, which it seems others are getting stuck on too despite having plenty of memory.

    Any help would be appreciated.

    I considered uninstalling and reinstalling, but did not want to lose my settings and blocked IPs.

    Plugin Author Wordfence Security

    (@mmaunder)

    OK guys I’ve added a high priority issue to get this tested and fixed if necessary.

    Regards,

    Mark.

    Just to let you know my scans have never once completed and I am also running on LiteSpeed (Stablehost). Thanks.

    Similar problems with scans not completing on a Lightspeed server.

    And use of the “Click to view your system’s configuration in a new window” utility 3 times in an hour will get you blocked on the LightSpeed server I am using.

    Error log:
    2014-03-06 12:13:51.652 [NOTICE] [86.8.172.119:1857-0#APVH_domainname.com] mod_security rule triggered!
    [Thu Mar 6 12:13:51 2014] [error] [client 86.8.172.119] ModSecurity: Access denied with code 403, [Rule: ‘REQUEST_URI’ ‘php(?:e9568f3[56]-d428-11d2-a769-00aa001acf42|b8b5f2a0-3c92-11d3-a3a9-4c7b08c10000)’]
    [ID: 380800] [Msg: Atomicorp.com WAF Rules – Virtual Just In Time Patch: PHP Easter Egg Access]
    2014-03-06 12:13:51.652 [NOTICE] [86.8.172.119:1857-0#APVH_domainname.com] Content len: 0, Request line: ‘GET /index.php?=PHPE9568F35-D428-11d2-A769-00AA001ACF42 HTTP/1.1’
    2014-03-06 12:13:51.652 [INFO] [86.8.172.119:1857-0#APVH_domainname.com] Cookie len: 240, wfvt_757760697=5318667f5fadd; PHPSESSID=0mq2e270frasaer60junj08qu4; catAccCookies=true; wordpress_test_cookie=WP+Cookie+check; wordpress_logged_in_1c90de1c84df7673f50806fa48a06100=adminname%7C1394278740%7C6a4852fc02c3b034299482d21059aea5

    2014-03-06 12:13:51.661 [NOTICE] [86.8.172.119:1858-0#APVH_domainname.com] mod_security rule triggered!
    [Thu Mar 6 12:13:51 2014] [error] [client 86.8.172.119] ModSecurity: Access denied with code 403, [Rule: ‘REQUEST_URI’ ‘phpe9568f34-d428-11d2-a769-00aa001acf42’]
    [ID: 380801] [Msg: Atomicorp.com WAF Rules – Virtual Just In Time Patch: PHP Easter Egg Access]
    2014-03-06 12:13:51.661 [NOTICE] [86.8.172.119:1858-0#APVH_domainname.com] Content len: 0, Request line: ‘GET /index.php?=PHPE9568F34-D428-11d2-A769-00AA001ACF42 HTTP/1.1’

    Another one on lightspeed where scans have never started. I use wordfence just for its firewall ??

    count me in for litespeed

    Also have the above problem with Wordfence scanner running indefinitely with Litespeed webserver on a VPS.

    Reverting back to Apache webserver solves this ‘issue’ and results in completed Wordfence scans on three WordPress sites.

    On one WP site: Wordfence scan ‘hangs’ on:
    – Fetching list of known malware files from Wordfence

    On the two other WP sites: Wordfence completes the above task ( the fetching list of know malware files from WordFence ) to subsequently ‘hang’ whilst simultaneously running the following tasks:
    – Comparing core WordPress files against originals in repository
    – Comparing open source themes against www.ads-software.com originals
    – Comparing plugins against www.ads-software.com originals
    – Scanning for known malware files

    any update on this issue? I just installed this plugin and it gets frozen during the scan. Also on Litespeed.

    M

    (@infolegal)

    @lentak: have you checked this post https://support.wordfence.com/support/articles/1000129050-running-wordfence-under-litespeed-web-server-and-preventing-process-killing-or? Make that change and your plugin will work.

    Thanks, it’s working now.

    Hello, is there a fix for this issue yet? I’ve tried the above suggestion following the link… Did not work, it’s stuck in scan..

    It’s stuck for me too. It’s on a Debian 6 server.
    The error shows it being a cURL problem: [22-Dec-2014 20:13:55 America/Los_Angeles] PHP Fatal error: Call to undefined function curl_init() in /wp-content/plugins/wordfence/lib/wordfenceClass.php on line 920

    Even with cURL enabled, it’s still just running and running.

Viewing 15 replies - 16 through 30 (of 31 total)
  • The topic ‘Wordfence is scanning forever’ is closed to new replies.