Support » Plugin: Wordfence Security - Firewall & Malware Scan » Too Many Admin-Ajax.php calls?

  • Resolved macaroniduck

    (@macaroniduck)


    WordPress 5.2.1
    WordFence 7.3.3
    PHP 7.1

    Quick initial question – Is there a way to disable WordFence, or mitigate it’s actions, when logged in as admin, especially while editing/saving posts/page?

    Here’s why:

    I have been trying to solve an intermittent 503 error for a couple of weeks now. It’s been difficult to pin down as it rarely happens, and I’ve not identified a universal action/trigger for it. It appears that the event only happens when editing/saving a post/page. It may be important to note that I’m using Divi and I’ve only experienced the issue while saving a page via the Backend Builder (not the frontend/visual builder). It happens so inconsistently, however, I can’t be sure that’s the only trigger.

    Here’s the key point. The PHP Error log looks like this each time the 503 occurs:

    [Fri Jun 14 08:25:46.610993 2019] [:error] [pid 7373] Execute of /home/seren714/staging/6/index.php stopped because of load 31.90
    [Fri Jun 14 08:25:46.610775 2019] [:error] [pid 7373] Execute of /home/seren714/staging/6/wp-admin/post.php stopped because of load 31.90
    [Fri Jun 14 08:25:46.384251 2019] [:error] [pid 5410] Execute of /home/seren714/staging/6/index.php stopped because of load 31.90
    [Fri Jun 14 08:25:46.384222 2019] [:error] [pid 6141] Execute of /home/seren714/staging/6/index.php stopped because of load 31.90

    My host (SiteGround) has consistently said that the load appears to be due to an overabundance of admin-ajax.php calls. Indeed the raw logs show a number of admin-ajax.php calls before and leading up to the 503 errors.

    Here’s where WordFence comes in. When I run the Google toolbox/console and watch for what programs hit admin-ajax.php, WordFence is responsible for all of the calls except for one (Divi makes one). WordFence continues to make them as I open different Divi modules, save, etc. This seems like expected behavior as I’m guessing WordFence is verifying the saves are coming from the right IP, etc.

    In the end, however, I can only continue to test this issue if I can identify/eliminate whatever is creating the admin-ajax.php calls that appear to cause the load issue. I’d rather not turn WordFence completely off. Obviously, I could try all of this on a staging site, etc. but again, the issue is so intermittent, I don’t know what I can specifically do to trigger it in short order.

    If I can safely stop or slow the admin-ajax.php calls, I can at least either verify or rule out that as the true cause of the issue.

    For reference, a number of things have already been done:
    Heartbeat is turned off for post editor
    memory and other limits have been increased as typically needed for Divi
    along with many others.

    I’m hopeful someone has some helpful tips!

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Support wfphil

    (@wfphil)

    Hi @macaroniduck

    Here are some things that might help:

    1) In the General Wordfence Options section on the All Options page make sure that the option Pause live updates when window loses focus is enabled.

    2) You may want to increase the option Update interval in seconds to 15

    3) Switch the Live Traffic logging mode to SECURITY ONLY.

    4) If you are running High Sensitivity scans then switch to the Standard Scan.

    @wfphil,I greatly appreciate you taking a moment to reply. I believe I must have seen similar recommendations in other thread somewhere as I have implemented all of these changes.

    The issue is quite perplexing as I can’t reliably reproduce it every time an action is taken. In other words, the only time I’m seeing it triggered is when saving a post/page while in the Divi Back-end builder (haven’t observed it in the front end). In continued testing on a staging site the other day, it look me a full 15 minutes of editing and saving before the issue was triggered. It took a bit longer to trigger it a second time as I turned some plug-ins off. This makes it problematic to take the “turn off all plug-ins and enable them one by one” approach.

    It’s starting to look like my particular set up just isn’t going to work well on SiteGround. Perhaps this issue only comes up as I’m approaching limits they’ve placed on the server (though I’m on a cloud server so those aren’t supposed to be an issue). Nothing against SiteGround as I’ve always had good experiences with them, but I may need to experiment with trying this site with a different host to see if I observe the same issue.

    Plugin Support wfphil

    (@wfphil)

    Hi @macaroniduck

    Without knowing what is causing the excessive load then the tips I provided may or may not help. We aren’t seeing multiple cases of this and Wordfence runs very well on SiteGround hosting.

    What you could do is install the WordPress Health Check & Troubleshooting plugin as the troubleshooting mode only affects your admin session and doesn’t affect front end users. You could disable all plugins and enable them one by one and try to replicate the issue to see if you can find out what my be causing the issue.

Viewing 3 replies - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.