Support » Plugin: Wordfence Security - Firewall & Malware Scan » Activated service = SITE DOWN INTERNAL ERROR

  • So, it killed my whole site, i had to strip Apache to bits to get this working again once it “secured my site”, it was so secure not even the website worked anymore.

    Good going lads.

    Once i fixed Apache this plugin was removed at the speed of light.

Viewing 7 replies - 1 through 7 (of 7 total)
  • Hi @sfxgroup!
    Sorry to hear you had problems installing Wordfence. I’m not sure what you mean when you say you stripped Apache to bits so if you can elaborate a bit on that it would be great. Wordfence is a PHP application and as such it doesn’t affect Apache configs in any permanent way. Simply removing the plugin would fix an internal server error.

    When an internal server error happens an error will be logged in the sites PHP error logs. Did you take notice of what the error was?

    Thanks in advance!

    Hi

    It concerns me when you say “it doesn’t affect Apache configs in any permanent way” as you clearly know it re-writes the .htaccess file which DOES change Apache in a “permanent way” as its then taken as part of the .conf file, so until you find this its changed permanently.

    If you really are not aware of this, then i became more knowledgeable than you in the 10 mins i used it.

    • This reply was modified 1 year, 5 months ago by sfxgroup.
    • This reply was modified 1 year, 5 months ago by sfxgroup.

    Hi again!
    Wordfence writes to .htaccess when the Wordfence Firewall is Optimized to set a PHP value (auto_prepend_file). This is a php.ini directive and not an apache config. Depending on your server setup, we also add code to hide .user.ini.

    I agree with you that modifications to .htaccess would be permanent if you can’t find .htaccess.

    I’m very curious to hear exactly what the logged error message was. If I can find that out I can file a report with quality assurance regarding the issue.

    Thanks!

    Hi

    I need to know what else this did in the back end of that virtual site to make sure ALL changes are reversed, you seem to imply the .htaccess file is the tip of an iceberg.

    The plugin was deactivated then deleted, so i assume any log files you might want are also gone?

    Hi!
    The only changes Wordfence makes to existing files in the system are the ones I’ve already mentioned. Wordfence adds a file called wordfence-waf.php in the root of the WordPress installation and a folder called wflogs in wp-content. If you remove the plugin folder manually, those may remain but they will not be loaded the code that loads them (the plugin code) has been removed. They can be removed manually.

    What I’m looking for is the PHP error message that was logged in your PHP error log when you had an internal server error. PHP error messages are logged in the server error logs. They do not disappear when you remove PHP applications from your site. If you have debug mode enabled in WordPress PHP errors can also be logged in debug.log in wp-content.

    Hi

    Ive listed for deletion the items you mentioned and they were both still there (php file and the logs directory) (the plugin was removed by WP console).

    However i am seeing in the error lot a lot of this

    <IfModule not allowed here, referer: http://dev.griffcomm.ca/wp-admin/admin.php?page=WordfenceWAF&subpage=waf_options

    The above appears is the reason the whole server was bricked as it was mis-configured by that point.

    It wouldnt run any PHP then, just had server error

    Hi,
    Yes that would be happening because your apache config does not allow overrides via .htaccess. You’d have to change the apache conf to AllowOverride All.

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘Activated service = SITE DOWN INTERNAL ERROR’ is closed to new replies.