WordPress.org

Ready to get started?Download WordPress

Forums

Wordfence Security
[resolved] PHP error, non-routine scanning, IP blocks gone (2 posts)

  1. xanaftp
    Member
    Posted 2 years ago #

    WordPress version: 3.4.1
    Plugin version: Most recent one as of July 10, 2012, 1231pm EDT

    Problem 1: During Wordfence scan, it spits out this error in the logs from time to time: Wordfence DB error in /media/www/wp-content/plugins/wordfence/lib/wfLog.php line 474: BIGINT UNSIGNED value is out of range in '(('1341797005' + 86400) - unix_timestamp())'

    How to reproduce: Do a Wordfence scan and check the logs during the scan
    Frequency: A number of times every scan
    Priority: Low
    Severity: Minor
    Assumed fix: Change database column type?

    Problem 2: Non-routine scanning

    Sometimes Wordfence does not do a scan when it is supposed to... assuming it's a cronjob error. Cronjobs are enabled and being executed every 5 minutes.

    How to reproduce: Check Wordfence every day for a period of time and eventually you'll notice it is no longer routinely scanning until you initiate a manual scan.
    Frequency: Random
    Priority: High
    Severity: Minor

    Problem 3: IP permanent blocks not being permanent

    Permanently blocking an IP actually is not permanent... it's just like the time-limited block.

    How to reproduce: Block an IP address from live traffic. Then go under Blocked IPs and click block permanently for that IP. Wait for the duration you have set for a time-limited block and the permanent ban is gone.
    Frequency: Always
    Priority: High
    Severity: Major (because I can't permanently block IPs trying to hack the website

    I appreciate your help ahead of time!

    http://wordpress.org/extend/plugins/wordfence/

  2. Wordfence
    Member
    Plugin Author

    Posted 2 years ago #

    Thanks for the professional bug reports. This format and your effort is very very much appreciated.

    I've logged this in our bug tracker as priority 1 and we'll get to it ASAP.

    Initial feedback:

    Problem 1: Looks like MySQL doesn't like to compare a negative value against a bigint column so we're going to change the compared value rather than the column type.

    Problem 2: We occasionally decrease scanning frequency to reduce load on our servers. We will soon introduce a paid feature that lets you control this instead.

    Problem 3: We're aware of this but have had trouble reproducing it and I think your repro will help us get this fixed fast.

    Thanks again!!

    Mark Maunder.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic