• This problem was supposed to have been resolved and to fail silently when the site is not responding and avoid interfering and breaking operations but its once again doing the exact same thing.

    Sucuri: (1451309722) Send_log: connect() timed out!. This generally happens when the API service fails to respond in time, you currently have configured the plugin to discard the network connection after 300 seconds. Wait a few minutes until the issue is resolved by itself, or change the timeout limit from the general settings page of the plugin, the option is named “API request timeout”.

    Sucuri: (1451309800) Send_log: SSL connection timeout.

    What the hell people?

    https://wordpress.org/plugins/sucuri-scanner/

Viewing 15 replies - 1 through 15 (of 18 total)
  • Plugin Author yorman

    (@yorman)

    A co-worker suggested a solution that may fix this issue once and for all, wait for the public release of the next version to get the new code that will ship with the improvements.

    I am seeing this issue frequently on dozens of installations, and it’s a frustrating one for sure. Can really make it difficult to administer a site.

    How can I disable the logging feature entirely?

    Thanks

    Ok, will do, in the meantime the only way to resolve it has been to remove the API key which is now giving the added annoyance of having the warning that the plugin is not fully configured following you around.

    @yorman, before you edited the message you posted before this one, the fact is that if you look at the error you see that the timeout IS at 300 and not default 90.

    Plugin Author yorman

    (@yorman)

    What I meant to say is that the plugin uses 90 secs by default and when the errors appears for the first time it automatically increases the timeout to 300 secs.

    @madjax as @guardian74 suggested you can remove the API key, that will deactivate the event monitor. You can recover the key later when the next version is released which will contain the fix that my co-worker suggested to remove the warning.

    Edit: I just submitted the patch to the WordPress repository [1], you can download the development version of the plugin [2] to start using the new code, or you can wait until the official public release.

    [1] https://plugins.trac.wordpress.org/changeset/1317690
    [2] https://downloads.wordpress.org/plugin/sucuri-scanner.zip

    Perhaps also removing the sending of logs for every single action, including the trivial ones like previewing a post would also cut down on the traffic and unnecessary chatter too. Unless its an actual “security” event as defined by a narrow set of principles, it shouldn’t be “logged” anyway. It might be a bit overzealous in how much data it gathers on activity on a site, that has always made me uncomfortable actually. And honestly its not really clear what the added benefit is provided by the API key, its scope keeps changing. It seems to take more data about activity than it provides anything beneficial in return. Just saying.

    Plugin Author yorman

    (@yorman)

    Yes, you may be right. Among the new features that will be shipped with the next release there is going to be an option to decentralize the event monitor which will allow you to remove the dependency of the Sucuri API so you can implement your own service, alternatively you will be able to send the logs to a local file in your server which will remove the HTTP requirement and reduce the latency significantly.

    These changes were submitted to the WordPress repository several days ago, you can check them now if you want installing the development version of the plugin [1], go to the general settings page, and locate the new “Log Exporter” panel, there you will find instructions of how to use it.

    More information about the API issues here [2][3][4].

    [1] https://downloads.wordpress.org/plugin/sucuri-scanner.zip
    [2] http://status.linode.com/incidents/tqdb3l44lxhq
    [3] http://status.linode.com/incidents/rs27gmmr9zqs
    [4] http://status.linode.com/

    Plugin Author yorman

    (@yorman)

    By the way, you can keep using the plugin normally without the API key, and hide the “annoying” big blue button that suggests to generate it by clicking the link that says “Do not show this again” inside the modal container that appears when you click that button.

    Thanks Yorman, I really do appreciate this plugin and the functionality it provides.

    Will there be an option to disable the event logging entirely if desired?

    Thank you, will do.

    When will this new version be available? I am currently unable to post an edited post.

    I am with Jackson – love the plugin and appreciate all your work. Errors like that just make it difficult to use, i.e., at some point the question is if I rather risk a security issue before not being able to use the site at all … it’s kind of a show stopper.

    Plugin Author yorman

    (@yorman)

    @madjax yes there will be an option to disable the event monitor completely, actually it already exists but is implicit, if you remove the API key the plugin will not communicate with the API service at all so the event monitor will do nothing. The new code (that you can get downloading the development version [1]) includes a new option in the “API Service” panel located in the settings page named “API Service Communication”, you can disable that to stop the event monitor if you do not want to delete the API key (just in case).

    Additionally, you can enable the “Log Exporter” which is basically the same event monitor but without the API service, the plugin will log the events in a local file in your server so there will not be a latency as the HTTP requests will not be executed. Unfortunately, disabling the API service communication will also disable the “Audit Logs” panel, even if you enable the “Log Exporter” the plugin will not use that local file to display the logs in the plugin’s dashboard, I will change that in the future but it will not be shipped in the next version, maybe in the second next version.

    @stefhz try my suggestion from this other thread [2] some people has said that after following these instructions (using the development version of the code) solved the issue, give it a try and if it does not works then disable the API communication completely, that will surely fix the issue, it will disable the security logs though.

    [1] https://downloads.wordpress.org/plugin/sucuri-scanner.zip
    [2] https://wordpress.org/support/topic/failed-to-connect-to-wordpresssucurinet-port

    Hi – Thanks for the quick response.

    I’ve installed the dev version, and just installing that code did not resolve the issue. I then took the steps you suggested in the other thread mentioned above (reducing timeout to below 5 seconds), which seemed to have made a difference.

    In addition I switched off API Service Communication and enabled the Log Exporter, since the site has been much faster this afternoon, after I temporarily had disabled the plugin all together.

    Increasing and reducing doesn’t help. It’s still there. The Plugin worked so well for month, why it is now doing a such annoying problem?

    @dbued: just fyi – this only works with the version from the developer track (link posted above in earlier posts). That version is not published yet, i.e., use at your own risk. It works well for me.

Viewing 15 replies - 1 through 15 (of 18 total)
  • You must be logged in to reply to this topic.