• hpt

    (@highperformerteams)


    Hello,

    I’ve got trouble with getting a full Wordfence scan in one of my projects, it keeps failing during the Malware scan phase.

    What I’ve tried:

    • Switching to maintenance mode, deleting my cache and disabling the cache plugin
    • Setting the Scan type to “Limited”
    • Switching max_execution_time to 360 seconds
    • WordPress Debug mode on, but no errors were shown during the scan

    No matter what I do, at some point, the scan just stops. The log shows something like “Scanning contents:” followed by a file path etc. It’s not always the same file, and also happens with smaller files (~50K).

    I’m pretty much out of ideas now, what else can I try?

    Thanks in advance!

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @highperformerteams, thanks for getting in touch.

    Your max_execution_time at 360 is at a level we may consider problematic for scans to complete. It sounds counter-intuitive but a higher timeout is often more likely to affect scans than a lower one. We recommend setting max_execution_time in php.ini to a value of 60 or 30.

    After doing this, if your server is running Litespeed, it can experience scan timeout issue unless a configuration change is made. You may not have that but thought it was worth mentioning because it seems to match the behavior you’ve described.

    Let us know how you get on,
    Peter.

    Thread Starter hpt

    (@highperformerteams)

    Thank you! The server runs at IONOS, which as far I’ve researched doesn’t use Litespeed servers, but I’ll be sure to check tonight with the instructions you’ve sent.

    Setting the max_execution_time to 60 or 30 doesn’t help either.

    Any other ideas what I could check or try?

    Plugin Support wfpeter

    (@wfpeter)

    Hi @highperformerteams,

    We could try altering some more scan settings, but I’m mindful that I’ve not seen your site configuration in more detail yet. It may allow me to provide more specific instructions to see your diagnostic report. You can send that to wftest @ wordfence . com from the top of Wordfence > Tools > Diagnostics. Click on “Send Report by Email”.

    Please add your forum username where indicated and let me know again once you’ve sent it as the inbox is unmonitored.

    Thanks again,
    Peter.

    Thread Starter hpt

    (@highperformerteams)

    Thanks! I’ve just sent the report.

    Plugin Support wfpeter

    (@wfpeter)

    Hi @highperformerteams, thanks for sending that over.

    Something seems to be overriding max_execution_time as it’s reported as 50000 in your diagnostic rather than the figures we’ve both discussed. We do cap how long a scan stage will run even if that number is excessive, but changing Wordfence > All Options > Performance Options > Maximum execution time for each scan stage to 8 can help.

    Your list at Wordfence > All Options > Advanced Scan Options > Exclude files from scan that match these wildcard patterns is quite extensive. Whilst that list shouldn’t cause a failed scan, removing them is best in this case as I’m assuming they weren’t added manually.

    Also try:

    • Select Use low resource scanning and set Time limit that a scan can run in seconds to 0 (which will limit a scan to 3 hours)
    • Disabling Wordfence > All Options > General Options > Scan images, binary, and other files as if they were executable

    Thanks again,
    Peter.

Viewing 5 replies - 1 through 5 (of 5 total)

You must be logged in to reply to this topic.