WordPress.org

Ready to get started?Download WordPress

Forums

iThemes Security (formerly Better WP Security)
[resolved] [closed] [Plugin: Better WP Security] File change notification sends 2-3 emails (40 posts)

  1. Dan Knauss
    Member
    Posted 2 years ago #

    Every time a file change notice goes out, I get 2, sometimes 3 copies at the same time from every site using Better WP security. (Current release)

    http://wordpress.org/extend/plugins/better-wp-security/

  2. Dan Knauss
    Member
    Posted 2 years ago #

    This is now happening for database backups sent by email. Every time of email the plugin sends out arrives in 3 copies.

  3. Are you using Database query caching? This could cause all but 2 for the database backups to happen.

  4. Dan Knauss
    Member
    Posted 2 years ago #

    Yes I am using query caching with W3TC. I'll try turning that off.

  5. Dan Knauss
    Member
    Posted 2 years ago #

    I still got two database backup emails and two file change warning emails today. Both sets had the same time stamp, but the file change list was not included.

    I've never seen that before. The file change notification emails just said "A file (or files) on your site at http://solarismed.com/blog have been changed. Please review the report below to verify changes are not the result of a compromise."

    That was the end of the email.

    From another WP site (same host, totally different server environment) that is actively using memcache for query caching, I got two database backup emails that were identical but sent 2 minutes apart.

  6. Thanks Dan. The 2 email issue is an ongoing bug I admittedly haven't had time to tackle. As for the missing content, has this problem reoccured or was it a one-time issue?

  7. Dan Knauss
    Member
    Posted 2 years ago #

    Good to know. The missing email content has only happened once so far.

  8. Thanks Dan. I'm going to assume, for now, that it was a fluke. Please let me know if you encounter it again.

  9. astreetweb
    Member
    Posted 2 years ago #

    This happens to me too. Every notification, I get 2 or 3 copies of the same message. I use super-cache. Latest version of WP (4.1)

  10. Can you all try the dev version? I do believe I've fixed it (my bigger sites aren't seeing duplicates anymore) but I don't have enough sites I can accurately test the fix on to confirm it works (small traffic sites often didn't have the problem in the first place).

  11. art4life
    Member
    Posted 2 years ago #

    i have same problem , but i get about 20 emails over an hour period
    it locks my site so i cant get in from the front or backend

    this happens every day , im not even live yet still building the site for a client who is losing patience with me as it is making me look like i dont know what im doing

    this plug - in is causing me a nightmare

    i will now have to pay a professional to remove this and properly secure my site

  12. @art4life

    Disable the file check feature. The multiple bug has been tested and fixed but depending on your caching setup and server memory may not work on your system (by nature not all features will or are even intended to work on every installation).

  13. art4life
    Member
    Posted 2 years ago #

    hi

    Im using wp-cache
    Disable the file check feature - this is done.

    im going through the problem as we speak , started to receive email warnings an hour ago , getting one around every 5-8 mins, site is frozen cant get into back or front end.

    This happens every single day and lasts for around 2 - 3 hours.
    Saturday i had over 35 emails with the same message.
    i have done no work for over a week on site since i installed the plugin , so no new posts nothing , the site is not now and has never been live.
    This is holding everything up.

    This has taken over and slowed down my site , i had a fast healthy site with no problems at all ready to go live last week , now im stuck and in trouble

    please advise

    thankyou

    anybody with any tip or help please leave a comment and thankyou..

  14. art4life, it sounds like you have a very unique situation going there for one reason or another. Please email me at info [at] bit51 [dot] com and we'll see what we can do.

  15. art4life
    Member
    Posted 2 years ago #

    hi

    thanks for looking at my problem i have emailed you

  16. art4life
    Member
    Posted 2 years ago #

    hi

    did you receive my email ?

    really need to get this issue fixes a.s.a.p. going into the 3rd week now

    thanks

  17. art4life
    Member
    Posted 2 years ago #

    i have sent 2 emails now with a report, never got a reply ?????

    once again locked out of my own site for 2 hours while i receive another 20 emails telling me the same thing over and over and over.

    Into my 3rd week on monday without being able to launch the site, back and front end lock outs every day.

    Getting no support at all what so ever on this forum and not sure what else i can do.

    Is there anybody out there who can help me or have any idea ?

  18. cogmios
    Member
    Posted 2 years ago #

    I noticed I have the same problem, I just got 3 mails with the same contents.

    Thing is... if I change stuff in the plugin , it will be gone when i update the plugin :)

  19. art4life
    Member
    Posted 2 years ago #

    @ cogmios get ready for many many more , i had 18 yesterday , and im locked out of my site for around 1 - 2 hours every day

    getting no support at all , sent developer multiple messages with no reply.

    the worst thing for me was this as my first paid job , i should of had a site launch today instead im desperately looking for help and am now working for free , not a good look at all.

    If any body has any ideas please share them.....

  20. cogmios
    Member
    Posted 2 years ago #

    @art4life I'm a bit busy so did not have time to look through the sources (but every bug is solvable after some time)

    But uhm... why does your paid job rely on a plugin ???

    why dont you de-install it and try some other security plugins if that bug is bugging you?

    Also: this topic marked as "RESOLVED" so this might be the reason that this topic is not picked up.

  21. art4life
    Member
    Posted 2 years ago #

    Hi

    time to respond now ?

    - But uhm... why does your paid job rely on a plugin - because i cant launch a site that crashes every day , i missed my launch deadline - im not getting paid , simple.
    im finishing the job out of respect and so i dont lose my reputation.

    ive read several posts online from people who couldnt completely get rid of the plug in, so not wanting to make a bad situation any worse i have been reaching out for help everywhere, not just here.

    i have tried to pay 2 so called wordpress experts to help me and they both said they could not and blamed the plug in.

    ive been very respectful in all my communication , just ignored.

    maybe you have a link or company that can help me please

    thankyou

  22. art4life
    Member
    Posted 2 years ago #

    i get this every day , along with another 15 - 20 mails

    i have not added anything to site for over 2 weeks

    Scan Time: Sunday, July 29th 11:04 pm UTC
    Files Added: 5
    Files Deleted: 7
    Files Modified: 32
    Memory Used: 0 MB

    Scan Time: Saturday, July 28th 9:42 pm UTC
    Files Added: 9
    Files Deleted: 37
    Files Modified: 33
    Memory Used: 0 MB

    Scan Time: Friday, July 27th 7:56 pm UTC
    Files Added: 70
    Files Deleted: 3
    Files Modified: 90
    Memory Used: 0 MB

    Scan Time: Thursday, July 26th 6:41 pm UTC
    Files Added: 19
    Files Deleted: 0
    Files Modified: 1
    Memory Used: 0 MB

  23. cogmios
    Member
    Posted 2 years ago #

    Strange , I got the message from a lockout on an IP 3 times.

    But by the looks of it you are using a cache indeed :)

    But uhm.. if you dont want to use the file check why not change execute_filecheck( $auto = true )
    to not use it (in filecheck.php) ??

    (and while I read it , i see switch_to_blog( 1 ); for multisite, I wonder if that 1 is always correct and is not sometimes a 0) (not sure)

    p.s. it is on line 252:

    if ( $bwpsoptions['id_fileemailnotify'] == 1 ) {
    						$this->fileemail();
    					}

    change it to some other value, crude fix but workaround until the final one comes around from the developer.

  24. art4life
    Member
    Posted 2 years ago #

    thanks cogmios for your reply

    im using wp cache , the most popular plugin online for this im led to believe.

    im not sure how to do this - execute_filecheck( $auto = true )
    to not use it (in filecheck.php) ??

    do you have a link to a tutorial

    thanks again for the reply

  25. cogmios
    Member
    Posted 2 years ago #

    I updated it with a bit of code.

    so... in /inc/filecheck.php on line 251 change the "1" to some other value, then it wil not use $this->fileemail()

    It will still update the database. Do not have time to go through the complete code.

    p.s. : a link to a tutorial ????? GRIN ! start here: http://php.net/ :)

  26. art4life
    Member
    Posted 2 years ago #

    hi big thanks for this

    a very noobie question , but where is that code ?

    is it within the plug-in, or is it a part of my theme

    thanks

  27. cogmios
    Member
    Posted 2 years ago #

    I'm also wondering about 'starttime' => $currtime in the plugin. I have not checked if it compares the stored time with a time from the plugin, I usually get the time from mysql:

    try {
    // takes about 0.2435 seconds
    $sql = "SELECT UPDATE_TIME, NOW() FROM information_schema.TABLES WHERE <code>TABLE_NAME</code> = '$table_name_2';";
    $row_uri = $wpdb->get_results(	$sql, ARRAY_A);
    }
    catch  (Exception $e)
    {
    Log::F($debug,'Could not Get Response ' . $e->getMessage());
    }

    and then (if it is not null):

    $latest_timestamp_in_database =  date_create($row_uri[0]["UPDATE_TIME"]);
    				$latest_timestamp_in_database = $latest_timestamp_in_database->getTimeStamp();
    
    				$current_date_timestamp_in_database =  date_create($row_uri[0]["NOW()"]);
    				$current_date_timestamp = $current_date_timestamp_in_database->getTimestamp();
    
    				$difference = $current_date_timestamp - $latest_timestamp_in_database;

    Disadvantage is that the user needs to have read access to the information schema

    What I mean to say is : could be used to prevent in all possible cases sending multiple mails out, if after a send mail the send mail was hashed and logged with its timestamp in the database (just to be sure).

    So whatever happens as long as this database check can take place it will not send out multiple mails if we store the send mails in the db.

  28. cogmios
    Member
    Posted 2 years ago #

    @art4life : in the plugin of course GRIN ...

    so /plugins/better-wp-security/inc/filecheck.php

    Maybe just read through all the php code of the better-wp-security plugin to get a feeling for what it does?

  29. art4life
    Member
    Posted 2 years ago #

    thanks , im still learning a lot of this stuff , but slowly getting there.

    if i cant work it out today , i will be looking at paying somebody to fix it.

    you have helped a lot :)

  30. cogmios
    Member
    Posted 2 years ago #

    @art4life : there are several places where the plugin sends out mails. I wonder if it would not have been nicer to use a central mail class so it would be easier to have "send no mail" or have a filter on outgoing mails.

    I think this would a good suggestion for the dev as an improvement.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic