wp_wfHoover is 43GB !!!!

Hi Martin,

Sorry you are having issues with the plugin. 43GB is pretty big!
I have a few questions for you.

What version of Wordfence are you running?
Are you scanning manually or scanning on a schedule?
Can you run a scan and then check the size of the database table?

Thanks!

tim

Hi Martin,

Tim alerted me to this issue. Please make sure that the user that WordPress is using to access your MySQL has permissions to either truncate or “delete from” the table.

You can go ahead and truncate the table yourself using the mysql command” truncate table wp_wfHoover;”. DO NOT just delete the file or you’ll corrupt your DB. Only do this via mysql.

Then run a scan and let us know if it’s completing and what the status is of that table after the scan.

Thanks.

Thank you for the suggestions. I am overswamped with the finishing touches on a website to be released. I will test as you suggested as soon as I have free time. I will report back here with the results.

Great! Let us know.

tim

This happened to me because I did not grant the site’s MySQL user DROP/TRUNCATE permission for security reasons. I saw this in the server’s PHP error log:

[25-Sep-2014 10:55:37] WARNING: [pool www] child 21991 said into stderr: "NOTICE: PHP message: WordPress database error DROP command denied to user 'username'@'localhost' for table 'wp_wfHoover' for query truncate table wp_wfHoover made by wp_new_comment, wp_allow_comment, apply_filters('pre_comment_approved'), call_user_func_array, wordfence::preCommentApprovedFilter, wfScanEngine->isBadComment, wordfenceURLHoover->cleanup, wfDB->truncate, wfDB->queryWrite"

So the TRUNCATE command was never actually successful. Is this error caught by Wordfence and displayed in the UI, or is it silently ignored? I don’t really want to grant the TRUNCATE permission to a database user used by a web site.

I don`t understand because in my case, the user of the database does have full access:

See Screenshot

I have a similar problem, but have no idea how to implement any of the above suggestions.
Plain English version please?
Unfortunately I don’t know which of mys sites the problem is on, but I have 100,000 more files than I did 2 days ago!!

Steve

Hi,
yesterday I decided to retry Wordfence on my site. Overnight, the databse became overbloated, with wp_wfHoover gaining over 4.6GB in size!

I checked the user priviledges on this database, and it seems I have two users on it (dunno why), but both users have the full priviledges. See the following screenshot:

<img src=”https://dl.dropboxusercontent.com/u/5840419/wordfence_hugedatabase.jpg”&gt;
screenshot

What could possibly be the cause of this problem?
Note I also use Wordfence on another wordpress site on the same server, and I do not experience this problem.

I would really love to fix this issue because Wordfence is a necessity on the website I want to use it. It has a large volume of traffic, and it could really use the protection Wordfence provides.

martinperreault: If you have access to the MysQL command line:

GRANT ALL on mywordpressdatabase.* to ‘thewordpressuser’@’localhost’;

That should give the username for your wp site sufficient permissions to manage the database.

Thanks. Maybe I am doing it wrong… I get this error message:

#1142 – GRANT command denied to user ‘martinp’@’localhost’ for table ‘wrdp1’

Hi again.
yesterday, I tried the following:

– went in Cpanel
– deleted BOTH users from my database
– re-added each user to the database, and when cpanel asked what priviledge to give those users, I said FULL priviledges .

RESULT:
today I checked my database, and wp_wfHoover was 18GB in size!!!!!

This is insane. I REALLY don’t understand what’s happening and why.

That table is used to temporarily store URL’s found during a scan before we check them against the Google Safe Browsing (GSB) list of known malware and phishing URLs. This is used during a scan and in other places we check things against the GSB. I wonder if google’s problem with url shortners like bit.ly had anything to do with tis. Can you try a scan again and see if th table size changes?

https://www.ghacks.net/2014/10/25/google-blocks-bit-ly-chrome-and-firefox-affected/

tim

And wordfence.com/blog ??

Going back to earlier in the thread….

How do we ensure/tell/see that the user that WordPress is using to access our MySQL has permissions to either truncate or “delete from” the table?

Is this done within phpMyAdmin (query please?) or within Wordfence options (cant’t see it there)?

Also, how often/regular do scans occur when “Enable automatic scheduled scans” is ticked?

Have had to truncate the wp_wfHoover table using “truncate table wp_wfHoover;” as it was 1.7Gb. Installed Wordfence Friday and the scan was still running on Monday morning!

Don’t want to stop using WordFence ideally so appreciate some guidance?

I’ve had this problem off-and-on, and now WordFence is basically crashing any VPS I have WordPress setup on. Frustrating!

Basically a scan starts, even though I’ve deselected all options to scan URL’s against Google’s safe browsing list, etc, it still seems to go through this process and wp_wfHoover balloons to 200MB+ and drowns the VPS.

Any guidance?

Thanks.