Wordfence Scan Stage failed

  • Resolved Anonymous User 20140573

    (@anonymized-20140573)


    1 year, 2 months ago

    Hello Community,

    I have a problem with the scan of Wordfence since a few days it doesn`t want to start. In debugging mode comes this:

    [Jul 26 19:04:39:1690391079.547935:4:info] Scan process ended after forking.

[Jul 26 19:04:38:1690391078.812801:4:info] Starting cron via proxy at URL https://noc1.wordfence.com/scanp/diebergeundich.de/7R4C3?action=wordfence_doScan&isFork=0&scanMode=standard&cronKey=de868d5690aaabe0612b0cc8c63b9681&k=993b9a2790851d724f552ada416f9ce585fc2739c3ca7d5fc6ec2be4244721bb32da240ac63d081adfe4492cc1460fdb9b8333a98e656693d8dae04558ba4bf403ae35c9bb6942c16ca876c838185e6b&ssl=1&signature=f3d28d0363c64be4437e9e68d1ddf1048fa7dd6b91fc2065c8d9b0356317033e

[Jul 26 19:04:38:1690391078.808403:4:info] getMaxExecutionTime() returning config value: 8

[Jul 26 19:04:38:1690391078.806471:4:info] Got value from wf config maxExecutionTime: 8

[Jul 26 19:04:38:1690391078.777120:4:info] Entering start scan routine

[Jul 26 19:04:38:1690391078.769453:4:info] Ajax request received to start scan.

[Jul 26 19:04:37:1690391077.269119:10:info] SUM_KILLED:A request was received to stop the previous scan.

[Jul 26 19:04:37:1690391077.267043:1:info] Scan stop request received.

[Jul 26 19:04:34:1690391074.151236:4:info] Calling Wordfence API v2.26:https://noc1.wordfence.com/v2.26/?k=993b9a2790851d724f552ada416f9ce585fc2739c3ca7d5fc6ec2be4244721bb32da240ac63d081adfe4492cc1460fdb9b8333a98e656693d8dae04558ba4bf403ae35c9bb6942c16ca876c838185e6b&s=eyJ3cCI6IjYuMi4yIiwid2YiOiI3LjEwLjIiLCJtcyI6ZmFsc2UsImgiOiJodHRwczpcL1wvZGllYmVyZ2V1bmRpY2guZGUiLCJzc2x2IjoyNjk0ODgzNjcsInB2IjoiOC4xLjIxIiwicHQiOiJjZ2ktZmNnaSIsImN2IjoiNy42NC4wIiwiY3MiOiJPcGVuU1NMXC8xLjEuMW4iLCJzdiI6IkFwYWNoZSIsImR2IjoiMTAuNS4xNy1NYXJpYURCLTE6MTAuNS4xNyttYXJpYX5kZWIxMC1sb2ciLCJsYW5nIjoiZGVfREUifQ&action=resolve_ips

[Jul 26 19:04:29:1690391069.824540:4:info] Calling Wordfence API v2.26:https://noc1.wordfence.com/v2.26/?k=993b9a2790851d724f552ada416f9ce585fc2739c3ca7d5fc6ec2be4244721bb32da240ac63d081adfe4492cc1460fdb9b8333a98e656693d8dae04558ba4bf403ae35c9bb6942c16ca876c838185e6b&s=eyJ3cCI6IjYuMi4yIiwid2YiOiI3LjEwLjIiLCJtcyI6ZmFsc2UsImgiOiJodHRwczpcL1wvZGllYmVyZ2V1bmRpY2guZGUiLCJzc2x2IjoyNjk0ODgzNjcsInB2IjoiOC4xLjIxIiwicHQiOiJjZ2ktZmNnaSIsImN2IjoiNy42NC4wIiwiY3MiOiJPcGVuU1NMXC8xLjEuMW4iLCJzdiI6IkFwYWNoZSIsImR2IjoiMTAuNS4xNy1NYXJpYURCLTE6MTAuNS4xNyttYXJpYX5kZWIxMC1sb2ciLCJsYW5nIjoiZGVfREUifQ&action=timestamp

[Jul 26 19:04:00:1690391040.792658:2:info] Attempting to resume scan stage (0 attempt(s) remaining)...

[Jul 26 19:03:09:1690390989.673132:2:info] Attempting to resume scan stage (1 attempt(s) remaining)..

    I alredy tried all the solutions to this topic on the Wordfence Site (e. g. Try starting scans remotely, Check plugins, Do not password-protect wp-admin, Make sure our servers are not blocked from reaching your site, Check the database tables, Check the WordPress AJAX handler,Additional scan troubleshooting) but nothing works.

    Only the point with “Please stop password protecting your /wp-admin” made me a bit suspicious.

    Unfortunately I am not an expert in this area at all, but I noticed that I changed the /wp-admin path a few days ago.

    I don’t know if this is the same as “password protecting your /wp-admin”.

    If it is, what setting can I do to make Wordfence compatible with it? I would not like to run my site without one of the both things.

    The page I need help with: [log in to see the link]

Viewing 1 replies (of 1 total)

  • Thanks for reaching out.

    I thought I’d address your comments about changing the admin URL, which could be the problem.

    Changing the login URL is a feature we do not include in Wordfence. Though it is something that many people swear by and can help a little in certain situations it’s ultimately not very beneficial. These are the reasons why:

    1. Changing WordPress URLs involves a risk of breaking functionality of WordPress themes and plugins.
      For example, WordPress JavaScript XMLHttpRequest object (AJAX) functions are triggered via admin-ajax.php which is located in wp-admin folder. Changing /wp-admin is a URL but it is also a folder path. We have seen plugins that change the admin URL break this functionality unintentionally, but it causes confusion as to what happened, what went wrong, and what was to blame..
    2. Changing the URL makes us feel more secure but it does not actually make the site more secure.
      It is what many security analysts refer to as “security through obscurity”. It’s like boarding up the front door of your home to protect yourself against a burglary. Someone looking for a quick break in may be deterred, but any seasoned thief is just going to go look for another door or window to get in. Any serious attacker can and will anticipate this and look for other ways in too.
    3. Over half of all login attempts that are made on WordPress sites are made via xmlrpc.php.
      Those will not be stopped by changing your admin URL. Our Wordfence Login Security and Wordfence plugins offer the option to block XMLRPC or at least require 2FA with authentication requests using XMLRPC on the Login Security > Settings page.

    Additionally, if you change the wp-admin or wp-login URLs you also lose visibility on who is attempting to log in to your site and when they are doing it since we’re not looking for logins on a random URL that you created.

    What we recommend as a means of reducing login attempts is using the Brute Force Protection settings and by blocking XMLRPC like I mentioned before. Also using the 2FA functionality we give you for free in Wordfence and Wordfence Login Security will greatly reduce the risk of a compromise.

    Try naming /wp-admin back and see if that helps the scans.

    Mia

Viewing 1 replies (of 1 total)
  • The topic ‘Wordfence Scan Stage failed’ is closed to new replies.