WordPress.org

Forums

Wordfence Security
[resolved] cache enabling issue with htaccess (7 posts)

  1. scrippsadmin
    Member
    Posted 1 year ago #

    I am having the same problem as mentioned in this thread :
    http://wordpress.org/support/topic/falcon-activation-problem-and-a-workaround . When enabling (or subsequently disabling) the cache I get this error:

    Problem disabling caching.

    We could not disable caching because you have code in your .htaccess file that could not be removed by Wordfence. You need to go in and remove any Wordfence code from your .htaccess file yourself. Then return here and disable caching. The error we received was: fopen(/path/to/blog//.htaccess) [function.fopen]: failed to open stream: Permission denied

    My htaccess permissions are
    -rw-r--r-- 1 root root 487 Aug 2 2013 .htaccess

    Any idea of changing ownership of the htaccess file (or group) might help?

    Thanks!

    tim

    https://wordpress.org/plugins/wordfence/

  2. scrippsadmin
    Member
    Posted 1 year ago #

    I can provide error logs in whole if needed. Below greps for site specific.

    # tail -10000 /var/log/httpd/error_log | grep leadership<br />
    [Tue Apr 08 08:13:45 2014] [error] [client x.x.x.x] PHP Warning:  fopen(/path/to/blog//.htaccess) [<a href='function.fopen'>function.fopen</a>]: failed to open stream: Permission denied in /path/to/blog/wp-content/plugins/wordfence/lib/wfCache.php on line 357, referer: http://stg-leadershipforum.scrippsnetworks.com/wp-admin/admin.php?page=WordfenceSitePerf<br />
    [Tue Apr 08 08:14:11 2014] [error] [client x.x.x.x] PHP Warning:  fopen(/path/to/blog//.htaccess) [<a href='function.fopen'>function.fopen</a>]: failed to open stream: Permission denied in /path/to/blog/wp-content/plugins/wordfence/lib/wfCache.php on line 357, referer: http://stg-leadershipforum.scrippsnetworks.com/wp-admin/admin.php?page=WordfenceSitePerf<br />
    [Tue Apr 08 08:22:16 2014] [error] [client x.x.x.x] PHP Warning:  fopen(/path/to/blog//.htaccess) [<a href='function.fopen'>function.fopen</a>]: failed to open stream: Permission denied in /path/to/blog/wp-content/plugins/wordfence/lib/wfCache.php on line 357, referer: http://stg-leadershipforum.scrippsnetworks.com/wp-admin/admin.php?page=WordfenceSitePerf<br />
    [Tue Apr 08 08:25:50 2014] [error] [client x.x.x.x] PHP Warning:  fopen(/path/to/blog//.htaccess) [<a href='function.fopen'>function.fopen</a>]: failed to open stream: Permission denied in /path/to/blog/wp-content/plugins/wordfence/lib/wfCache.php on line 357, referer: http://stg-leadershipforum.scrippsnetworks.com/wp-admin/admin.php?page=WordfenceSitePerf<br />
    [Tue Apr 08 08:25:58 2014] [error] [client x.x.x.x] PHP Warning:  fopen(/path/to/blog//.htaccess) [<a href='function.fopen'>function.fopen</a>]: failed to open stream: Permission denied in /path/to/blog/wp-content/plugins/wordfence/lib/wfCache.php on line 357, referer: http://stg-leadershipforum.scrippsnetworks.com/wp-admin/admin.php?page=WordfenceSitePerf<br />
    [Tue Apr 08 08:39:03 2014] [error] [client x.x.x.x] PHP Warning:  fopen(/path/to/blog//.htaccess) [<a href='function.fopen'>function.fopen</a>]: failed to open stream: Permission denied in /path/to/blog/wp-content/plugins/wordfence/lib/wfCache.php on line 357, referer: http://stg-leadershipforum.scrippsnetworks.com/wp-admin/admin.php?page=WordfenceSitePerf<br />
    [Tue Apr 08 08:41:30 2014] [error] [client 10.69.118.139] PHP Warning:  scandir(/path/to/blog/wp-content/wfcache/) [<a href='function.scandir'>function.scandir</a>]: failed to open dir: No such file or directory in /path/to/blog/wp-content/plugins/wordfence/lib/wfCache.php on line 250, referer: http://stg-leadershipforum.scrippsnetworks.com/wp-admin/admin.php?page=WordfenceSitePerf<br />
    [Tue Apr 08 08:41:30 2014] [error] [client x.x.x.x] PHP Warning:  scandir() [<a href='function.scandir'>function.scandir</a>]: (errno 2): No such file or directory in /path/to/blog/wp-content/plugins/wordfence/lib/wfCache.php on line 250, referer: http://stg-leadershipforum.scrippsnetworks.com/wp-admin/admin.php?page=WordfenceSitePerf<br />
    [Tue Apr 08 08:41:30 2014] [error] [client 10.69.118.139] PHP Warning:  array_diff() [<a href='function.array-diff'>function.array-diff</a>]: Argument #1 is not an array in /path/to/blog/wp-content/plugins/wordfence/lib/wfCache.php on line 250, referer: http://stg-leadershipforum.scrippsnetworks.com/wp-admin/admin.php?page=WordfenceSitePerf<br />
    [Tue Apr 08 08:41:30 2014] [error] [client x.x.x.x] PHP Warning:  Invalid argument supplied for foreach() in /path/to/blog/wp-content/plugins/wordfence/lib/wfCache.php on line 251, referer: http://stg-leadershipforum.scrippsnetworks.com/wp-admin/admin.php?page=WordfenceSitePerf<br />

    Note edited to remove actual file paths and ip addresses

  3. Wordfence
    Member
    Plugin Author

    Posted 1 year ago #

    Hi @scrippsadmin

    How did you get Wordfence to write the permissions to your .htaccess initially? Did you change the permissions to allow your web server to write to it? Or did you change the file ownership?

    Whatever you did, you need to change it back to that to disable caching.

    Let me know.

    Regards,

    Mark.

  4. scrippsadmin
    Member
    Posted 1 year ago #

    I'm not sure we ever had to. On any of the sites we have (10+ domains) I can't recall having to make any changes to .htaccess from the defaults that wordpress uses when you alter the permalinks (excepting adding the Limit option in the httpd.conf file to fix a small issue)

    I was thinking a smart workaround would be to do like wordpress permalinks do and show the code to add if the file isn't writeable. I can alter it to make it 777 until after caching is enabled if that helps?

    By the way, still really grateful for the plugin. During the big attack on everyone a few months back it was extremely helpful to be able to show the business the graphics on your site showing all the bad requests and how wordfence was handling it. Also made justifying our multi-license purchase of wordfence to them :)

    tim

  5. Wordfence
    Member
    Plugin Author

    Posted 1 year ago #

    That's great news Tim, thanks for the positive feedback. I'll share it with the team.

    OK, that's a great idea. We'll detect if .htaccess is not writable and fall back to showing you the code to insert.

    For now you'll have to modify the permissions manually back and forth.

    By the way, check out the attack that we saw over the weekend:

    http://www.wordfence.com/

    Was a big one that came in waves. We're hoping to do more quantitative analysis on the data we're collecting from each attack for research which we'll publish.

    Also we launched a beta program and have changed our release process as the business grows up, so join it if you're interested in getting early beta releases:

    http://www.wordfence.com/sign-up-for-the-wordfence-beta-program/

    Regards,

    Mark.

  6. scrippsadmin
    Member
    Posted 1 year ago #

    Yeah, I'm still getting hammered by attempts. Good thing I changed the default admin name. It'd be funnier if I could redirect all invalid usernames to a certain site of dubious nature and internet legend like ***spin.com :)

    I'll keep this open for the time being and try the htaccess trick on the test server

    tim

  7. scrippsadmin
    Member
    Posted 1 year ago #

    So I altered the htaccess files which allowed the install to proceed. Enabling the 2 to 3 times faster option worked and only had to create the /opt/local/www/blogs/BLOGNAME/wp-content/wfcache directory manually also had to open up perms to 777n which Im not thrilled about but will play with to see what user needs to own it so I can lock it down.

    Enabling the falcon engine crashed the site with a 500 internal server error. I looked at the htaccess now and saw this:

    cat .htaccess
    #WFIPBLOCKS - Do not remove this line. Disable Web Caching in Wordfence to remove this data.
    Order Deny,Allow
    #Do not remove this line. Disable Web Caching in Wordfence to remove this data - WFIPBLOCKS
    #WFCACHECODE - Do not remove this line. Disable Web Caching in Wordfence to remove this data.
    <IfModule mod_deflate.c>
    AddOutputFilterByType DEFLATE text/css text/x-component application/x-javascript application/javascript text/javascript text/x-js text/html text/richtext image/svg+xml text/plain text/xsd text/xsl text/xml image/x-icon application/json
    <IfModule mod_headers.c>
    Header append Vary User-Agent env=!dont-vary
    </IfModule>
    <IfModule mod_mime.c>
    AddOutputFilter DEFL
    ~

    As you can see it looks like it didn't write the whole file. Im going to try turning off. Replacing the file with original and then re-enabling to see if it writes completely.

    tim

Topic Closed

This topic has been closed to new replies.

About this Plugin

  • Wordfence Security
  • Frequently Asked Questions
  • Support Threads
  • Reviews

About this Topic