Support » Plugin: Wordfence Security - Firewall & Malware Scan » Scans never complete, admin-ajax.php

  • Resolved pingram

    (@pingram3541)


    I can’t seem to complete scans on a particular site. The activity logs gets stuck on: Analyzed 400 files containing 5.56 MB of data so far but not always the same spot. I find that if I check the browser inspector initially while the scan is running everything is fine and no errors. However if I check after the scanner appears to be stuck for a while, I see a 404 for admin-ajax.php. Is this the hosting environment?

    I have 256M memory_limit and very little plugins on this site while another runs with tons of plugins, page builders, seo tools, tracking scripts etc with only 40M memory_limit and scans complete just fine. Do you think it’s possible the host is specifically watching admin-ajax.php and resetting connections that go beyond some threshold?

    I have chosen the low resource scanning method as well but same result. Any help is appreciated.

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author WFMattR

    (@wfmattr)

    Hi,

    Yes, it’s most likely something to do with the hosting environment — it’s strange for admin-ajax.php to return a 404 if the environment is working normally.

    If the host is running the LiteSpeed web server, try the fix in .htaccess here:
    https://docs.wordfence.com/en/LiteSpeed_aborts_Wordfence_scans_and_updates._How_do_I_prevent_that%3F

    You can also check the error logs for the site, but may have to enable them on some hosts if they’re not on by default. I’ve seen a few cases where a 404 on an existing script can be caused by a timeout that would normally cause a 500 error.

    If the host is running mod_security, it’s possible they have some rules that are causing false positives — most wouldn’t return a 404, but some custom rules or connections dropped by mod_security while behind a proxy could cause that.

    -Matt R

    It was the host.

    Basically we had a host that was very low on resources the wp auto update from 4.7.1 to 4.7.2 kept failing but no one was logging into the site to know this.

    Because of this they got hacked (REST API) and while I was trying to clean it up the host also became aware of the hack and placed further resource restrictions in place which actually thwarted my efforts in patching everything up.

    I couldn’t even update most plugins and every time the site would get stuck in maintenance mode forcing me to manually delete the .maintenance file. Every time this occurred I would see either a 404, 503/504 error regarding core scripts and/or admin-ajax.php in the console.

    Upon asking the host to lift the limits so I could finish cleaning everything up, they decided to permanently suspended the account due to TOS violations, of which, getting hacked was the violation.

    Feels very catch22 but rather than argue we’ve since changed hosts and everything is purring along nicely again.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Scans never complete, admin-ajax.php’ is closed to new replies.