emuninja

Hi Laura, it looks like that email thread is being blocked by google (might explain why previous replies didn’t come through to you/Nebu.) I’ve started a new email thread and sent you a reply.

Hi Kasia

We provided the login details to our site but heard nothing back from your team. Those login details are still valid if the team want to login and check the site.

Hi Laura

Thanks, those details have just been submitted.

Yep, active gateway, receiving what appears to be spam entries, since we can’t see any of the details, it’s bit hard to be sure, but the form became about 5000% more popular in one day, so it’s unlikely to be real submissions.

We’ve had to take down the form/page for the moment while trying to figure this one out. I can look at getting you an account, let me know how to send you login credentials.

Pastebin of form (with redactions made to messages/identifying information) https://pastebin.com/euX40BBM

Ideally, this code shouldn’t exist.

A check of memory limits is fine to disable/show a warning, but plugins should not be setting their own memory limits.

I’ve started moving some of my sites away from WordFence due to this and the performance hit it puts on a website.

Hi @wfyann

You can, but that should only affect the install when running a scan, the bug I described in my first post affects the entire WordPress install for every request.

For larger (ie eCommerce) sites this could be a huge issue and hopefully can be fixed in an update very soon.

Hi @wfyann

Unfortunately yes. The plugin is reading the ini and unless I have the ini value set to something larger than 128 (when cast to an int) then the ini value gets overridden to 128M.

If I set my site ini to 768M, then the 1024M WP_MEMORY_LIMIT is used. I would also assume if I set the site ini to 1024M it would also work correctly, but I don’t easily have that option from my hosting cPanel.

There is a note on the PHP site around reading memory size limits that might be helpful: https://secure.php.net/manual/en/function.ini-get.php