Support » Plugin: Anti-Malware Security and Brute-Force Firewall » Another Plugin or Theme is using ‘GFForms::ensure_hook_js_output’

  • Resolved peterbutler

    (@peterbutler)


    I’m not sure what this error is:

    Another Plugin or Theme is using 'GFForms::ensure_hook_js_output' to handle output buffers.
    This prevents actively outputing the buffer on-the-fly and could severely degrade the performance of this (and many other) Plugins.
    Consider disabling caching and compression plugins (at least during the scanning process).
Viewing 2 replies - 1 through 2 (of 2 total)
  • serpcom

    (@serpcom)

    @peterbutler Yeah we use this plugin extensively on hundreds of sites and I started seeing this pop up about the time of your post and I was hoping someone would respond.

    But what I learned is sometimes the message is in black text and sometimes it’s in red, perhaps clickable to something. I did notice that I could not start a scan or the scans were slow. But what I did was disable the following list of plugins. Note all of our sites are on network installs so I disabled them network wide,

    1. Redis Cache (First I flushed, then disabled, and then disabled the plugin.)
    2. Cloudflare
    3. WP Optimize
    4. Titan Anti-spam & Security (I’m guessing it’s this one as this has been a problematic plugin from the day they made the upgrade to a paid version. I’m still using the free version.)
    5. Smush Pro

    Once I did that, the message did not go away but my scan began to fly.

    Hope this helps.

    I googled the error message, and parts of it but found nothing worthwhile.

    Also I’m wondering if GFForms is part of Gravity Forms which we use on all sites and I can’t disable that as all the forms will stop working on all the sites.

    Wondering if anyone knows anythinh.

    Plugin Author Eli

    (@scheeeli)

    To shed more light on this topic for both of you and anyone else who sees a message like this…
    I wrote this warning into my plugin to detect any custom output buffers and display the name of the output buffer being invoked on my Anti-Malware Settings page.

    In general this warning serves as an FYI and does not necessarily indicate any real problem. However, as you have found @serpcom, interference with the output caused by a buffer handler from another plugin or theme can sometimes cause the scan to be slow or stall or even cause it to fail completely.

    I personally feel that it is inappropriate for anyone to tamper with the output from another developer’s plugin (as this warning implies). How would they know that it’s not going to mess up the results of another plugin (like with my scan)? In most cases the buffer is unchanged and thus does not affect the output from my plugin but I still think it’s either sloppy or lazy to invoke and buffer handler that is not needed or used in the wp-admin. Most uses for this kind of code are to either filter or capture the output on the front-end of your site, as with caching and on-the-fly content modification, which is not needed on the back-end.

    What it comes down to is that if your scan results are not affected then you probably don’t need to worry about it, but if you experience degraded performance during the malware scan the you need to try deactivating the plugin responsible for this output buffer handler.

Viewing 2 replies - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.