Support » Plugin: W3 Total Cache » Security Issue (?)

  • Hi guys.
    So after browsing through my server logs I found a TON of erros relenting:

    ALERT – script tried to increase max_execution_time to 600 seconds which is invalid or above the allowed value (attacker ‘xxxx’, file ‘xxxx/wp-content/plugins/w3-total-cache/lib/W3/Cache/File.php’, line 281).

    What might be causing this? Is this a security threat or just a miss-configuration on my part? This is causing insane CPU usage.

    Thanks in advance.

    https://wordpress.org/plugins/w3-total-cache/

Viewing 4 replies - 1 through 4 (of 4 total)
  • I had the exact same issue, here is what you need to do

    go to the path “wp-content\plugins\w3-total-cache\lib\W3\Plugin\TotalCache.php”

    Open the file TotalCache.php, and look for the function called function ob_callback. The code will look like

    function ob_callback(&$buffer) {

    Remove the “&”, so your code now will look like –

    function ob_callback($buffer) {

    Thanks for the help, but after the change the problem still persists.
    Any other ideas? 🙂

    the problem is in /wp-content/plugins/w3-total-cache/lib/W3/Cache/File.php line 281

    @set_time_limit($this->_flush_timelimit);

    flush_timelimit is set at 600 seconds in /wp-content/w3tc-config/master.php

    'timelimit.cache_flush' => 600,

    this value is big because W3TC try to flushes all data in cache.

    try to decrease default value but i don’t knwow if this is safe.

    It sounds like a false positive maybe mod-security is conflicting with it.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Security Issue (?)’ is closed to new replies.