Permission for cache folder wp_wfConfig.MYD

Resolved bulewold
(@bulewold)

7 years, 12 months ago

Two separate issues.

1. Just got a notification from server admin that I have some infected files which includes following:
/var/lib/mysql/wptempla_wp1/wp_wfConfig.MYD

Do you have any reason why? Or can I simply delete this file?

2. One a AWS apache server, we just installed wordfence and enabled caching and on both caching, it says ‘We could not write to the file /var/www/html/wp-content/wfcache/test.php when testing if the cache directory is writable. The error was: file_put_contents(/var/www/html/wp-content/wfcache/test.php): failed to open stream: Permission denied’

I tried it couple times by creating folder manually and it worked for little while then error came back when I tried clear cache.. It seems like permission is changing on it’s own.

Is this a known issue?

Thank you.

https://wordpress.org/plugins/wordfence/

Viewing 8 replies - 1 through 8 (of 8 total)

wfasa
(@wfasa)

7 years, 11 months ago

Hello bulewold,

1. Yes, we have just confirmed this as a bug that some server virus scanners will flag wfConfig. It’s a false positive and we will have a fix out as soon as possible. Deleting wfConfig table is not advisable as it is needed by Wordfence.

2. When it stops working, could you a) check the file permissions on the folder wfcache and b) check the group and owner of the folder wfcache and compare to whatever user apache/php is running as? Let me know if you need more details on how to do that.

Thread Starter bulewold
(@bulewold)

7 years, 11 months ago

Great! Yes, I figured so I’ve been keep it pending till now. Thanks.

and on 2nd issue, I noticed that permission is keep changing and we tried setting owner of the wfcache folder as apache and group and in both cases, permission would revert on its own…

Now on my other servers, this does not happen so this may not be anything to do with WF but just wanted to cross it out as a possibility.

wfasa
(@wfasa)

7 years, 11 months ago

Hello bulewold,
I have heard about this permissions change from a couple more users but it’s not 100% clear yet why it does this on some sites. Can you think of anything that differs between the sever where this happens and the other ones?

Thread Starter bulewold
(@bulewold)

7 years, 11 months ago

I actually do. Beside being in AWS which I know do things a bit differently…

AWS server use apache + WHM but NO cpanel.

All my other sites use cpanel and never had an issue. I don’t have AWS environment to test this but this could be the reason because folder owner gets confused? when there is no Cpanel to take ownership???

wfasa
(@wfasa)

7 years, 11 months ago

Thanks bulewold, I’m thinking it’s more likely something that AWS does differently than the absence of cpanel. I can’t give you an answer this very moment but I’ll look over the other threads again and discuss it with team and see if we can come up with something. Thanks for your help.

Thread Starter bulewold
(@bulewold)

7 years, 11 months ago

thx & happy to help to those who makes awesome plugins! I did suggest company I work with to just create a cpanel and move WP into it as an easy solution. 🙂

Thread Starter bulewold
(@bulewold)

7 years, 11 months ago

I haven’t tested this but wanted to share.
http://docs.aws.amazon.com/cli/latest/reference/s3/sync.html

My team says this process within AWS which does automatic backup was keep changing permission around.

As soon as I get chance to test, I’ll update you on this but something you can look into as well if you have the chance. 🙂

wfasa
(@wfasa)

7 years, 11 months ago

Ah thanks bulewold,
so AWS CLI is running as a different user than the php process and this creates a permission conflict on wfcache/test.php? To my knowledge this is the only report we have specifically related to AWS. (We have had a couple related to WP-CLI involving config.php and attackdata.php and have a fix for that coming up in a Wordfence version soon.)

Viewing 8 replies - 1 through 8 (of 8 total)

The topic ‘Permission for cache folder wp_wfConfig.MYD’ is closed to new replies.