wfjanet
Forum Replies Created
-
Hi @startechmarketing,
Sorry for the delayed response.
Sounds good. Let us know in case you need any further assistance from our end.
Thanks,Janet.
Hi @sevenokve,
Thank you for reaching out and bringing this to our attention.
We have taken note of the suggestion and passed it over to the team in charge of documentation.Should you need any Wordfence-related assistance, please create a new topic, and we’ll be happy to help.
Thanks,
JanetHi @cameronjonesweb,
Thank you for reaching out.
Is the error happening repeatedly?
Could you please check the browser console for errors while viewing the Scan page? If there are multiple scan results visible, make sure to scroll all the way to the bottom, so it tries to load additional results.
Take screenshots of any errors on the browser console using snipboard and share the link so I can take a look and advise.
Thanks,
Janet
Hi @boghi,
Thank you for reaching out.
The error looks like it may be caused by a file-locking issue. Please confirm that permissions are set to 755 for the WordPress site’s directories – this includes the wflogs folder and the process owner to
www-dataif needed for your setup.If the above settings are in place, I would recommend switching to MySQLi storage engine so that sites can store firewall data in the MySQL database instead of using files in “wp-content/wflogs/”.
You can find the instructions on the link below:
https://www.wordfence.com/help/firewall/mysqli-storage-engine/
Let me know in case the issue still persists.
Thanks,
Janet.
Hi @jaak69,
Thank you for reaching out to us and bringing this to our attention.
If the infected file still exists, please send a sample of the infected file to our team at [email protected] so that our team can look into it and determine why Wordfence didn’t pick it up. It would be nice to have the file checked out by our team.
In your email, please include a link to this forum topic so that our team will know you had raised the issue with us.
Thanks,
Janet
Hi @lingcreative,
Thank you for reaching out.
I’m happy to hear that you were able to clean the site. I found the third party article with instructions on how to uninstall and delete a WordPress theme. It’s always best to make a backup of the site and database before installing/removing themes, just to be safe.
https://www.wpbeginner.com/beginners-guide/how-to-delete-a-wordpress-theme/
Make sure and get all your plugins and themes updated and update WordPress core, too. As a rule, any time I think someone’s site has been compromised, I also tell them to update their passwords for their hosting control panel, FTP, WordPress admin users, and database. Make sure to do this because attack vectors around your hosting or database environments are outside of Wordfence’s influence as an endpoint firewall.
Additionally, you might find the WordPress Malware Removal section in our Learning Center helpful: https://wordfence.com/learn/
If you’re still have issues and need help cleaning the site, there are paid services that will do it for you. Wordfence offers one and there are others. Per the forum rules, we’re not allowed to discuss Premium here, but please reach out to us at [email protected] if you have any questions about it.
Regardless, if you choose to clean it yourself or let someone else do so, we recommend that you make a full backup of the site beforehand.
Thanks,
Janet
Hi?@jenflan,
Thank you for reaching out.
Did you recently update WordPress core by chance? This could explain it.
If not, please navigate to Wordfence > Scan page, find these results, click on them to expand the details, then screenshot them for me to review.
You can post them here if you remove the sensitive data but I’d rather you send them to [email protected] with your Forum username as the subject.
As a rule, any time I think someone’s site has been compromised, I also tell them to update their passwords for their hosting control panel, FTP, WordPress admin users, and database. Make sure to do this because attack vectors around your hosting or database environments are outside of Wordfence’s influence as an endpoint firewall.
Let me know once you send the screenshots.
Thanks,
Janet
Hi?@vikp,
Thank you for reaching out.
Based on previous cases of this error message, it appears to be an issue around writing data to our log files. In most cases, this is caused by corrupted file or the hosting environment running out of allowed space. There is also a possibility that the file is not available/permitted to be written to.
To resolve, login via FTP or hosting file manager, navigate to your wp-content/wflogs folder. You should be able to delete the wflogs folder or its contents entirely and Wordfence should try to repopulate it within 30 minutes.
It’s also worth checking that permissions on your WordPress site’s directories are 755, and that the process owner is www-data if appropriate for your setup.
If you have persistent problems with this file/folder, you can bypass it entirely by setting Wordfence to write to the MySQLi storage engine instead of a file if you prefer: https://www.wordfence.com/help/firewall/mysqli-storage-engine/
Let me know how it goes.
Thanks,
Janet
Hi @coldxot,
Thank you for reaching out.
From the issue description you have provided, I suspect this could be a false positive.
Could you please expand the details button and share a screenshot of the scan result using snipboard so I can take a look and advise?
Share the link to the screenshot once done.
I look forward to hearing from you.
Thanks,
Janet
Hi @abrowet,
Thank you for reaching out and providing the error logs.
We don’t provide support for custom code but I had our QA team look into this and here’s a few things you can check:
- Are you checking if the user is logged in before the
inithook? This can cause some of WP’s hooks that Wordfence uses to be called too early. - Are you loading any WordPress core files with
includeorrequireout of the usual order? This can also cause other hooks to be called out of order. - If the site where this is being tested has other plugins, temporarily disable the other plugins and see if the issue still occurs, in case one of the other plugins is doing one of the things above.
I hope this this helps.
Thanks,
Janet.
Hi @mahdar2003,
Thank you for reaching out.
Can you do the following so I can get the information I need to help you?- Stop the existing scan if it is still running (The “Start New Scan” button turns into a “Stop” button while the scan is running).
- Go to your Wordfence > Scan > Manage Scan and locate the “Performance Options” section. Set “Maximum execution time for each scan stage” to 20.
- Click to “Save Changes”.
- Go to the Tools > Diagnostics page.
- In the “Debugging Options” section check the circle “Enable debugging mode”.
If “Start scan remotely” is checked, uncheck this option. - Click to “Save Changes”.
- Start a new scan on the Scan page.
- If the scan fails again, copy the last 20 lines or so from the Log (click the “Show Log” link) once the scan finishes and paste them in the post.
On some sites, this will correct the issue. Adding “20” for the “Maximum execution time for each scan stage” tells the scan to pause every 20 seconds and start again where it left off, which makes the scan more performance-friendly for some servers. If this fixes the issue and scans run again, you can leave all the settings above except for “Enable Debugging Mode”.
For a screenshot of my recommended Performance setting options click here.
Thanks,
Janet.Hi?@majito,
Thank you for reaching out.
From the information above, it looks like you’re having trouble with Firewall optimization.With AIOS activated, you should select the “include” option, download backups of any files if prompted and click on “Continue” to optimize the firewall.
With AIOS deactivated, download backups of any files if prompted and click on “Continue” to optimize the firewall.
There are detailed instructions on how to optimize the firewall on the link below:
https://www.wordfence.com/help/firewall/optimizing-the-firewall/#firewall-optimization-setup
If you’re still having trouble accessing the site, the links below may be helpful.
Let me know how it goes.
Thanks,
Janet.
Hi?@gmariani405,
Thank you for reaching out.
I have seen issues similar to yours with customers that host on WPEngine since they don’t allow the use of the file based storage engine for the firewall configuration data.
To resolve this, you would need to switch MySQLi storage engine so that sites can store firewall data in the MySQL database instead of using files in “wp-content/wflogs/“.
You can find the instructions on the link below:
https://www.wordfence.com/help/firewall/mysqli-storage-engine/
Let me know how it goes.
Thanks,
Janet.
Hi @corrinda,
Thank you for reaching out.
The size of the tables (wffilemods and wfknownfilelist) may be explained by the number of files being scanned since you have over 173,000 files. Do the database tables double in size every time a scan runs? If not, you should be good to go since the scans are working.
Do all the files belong to a single site? If there are other sites in subdirectories that are also running Wordfence, you can exclude them from this site’s scan to reduce the number of files.
We do have plans to improve this in a future version but I cannot commit to a timeline here in Forums.
Thanks,
Janet
Hi?@generosus,
Thank you for reaching out.
For zero-day attacks, there are no Wordfence rules or signatures that have been developed to protect your site against them. For known attack types, Wordfence may be able to protect against the attack because the specific attack type, whether SQL injection, XSS or another type, may be known.
Wordfence Free customers receive new released rules after 30 days.
You can read more about Zero Day vulnerabilities and how to protect yourself here:
Thanks,
Janet
- Are you checking if the user is logged in before the