Support » Plugin: Wordfence Security - Firewall & Malware Scan » Wordfence causing 500 Internal Server Error

  • Resolved techtangerine

    (@techtangerine)


    I think I may have come across a rather unusual situation/bug in which Wordfence causes the entire website to display a 500 Internal Server error, making it inaccessible.

    I noticed this was the state of my website.

    I tried updating wordpress and all the plugins using ssh (WP-CLI). It threw back the following error:

    Fatal error: Cannot redeclare wp_get_server_protocol() (previously
    declared in /
    home/public/wp-includes/load.php:16) in
    /home/public/wp-includes/load.php on line 21 

    I contacted my webhost, and they hinted that this was sometimes related to auto_prepend being enabled in php.ini. As you may be aware, Wordfence recommends manually enabling this. I disabled it, and then the website and Wordfence functioned like normal.

    But since I wanted to enable auto-prepend, Ire-enabled it and played around. The site went 500 multiple times, and the only way to get it online was to disable auto_prepend.

    Now, I have two WP sites on the same server. The other never showed any such issue, even though auto-prepend is enabled on it too. So I decided to compare the WF Diagnostics page of both. I noticed that on the site which was going 500, under Connectivity>Connecting Back to this site showed an error:
    wp_remote_post() test back to this server failed! Response was: 500 Internal Server Error

    Whitelisting the server IP seems t have fixed it, but I am keeping my fingers crossed.

Viewing 1 replies (of 1 total)
  • Plugin Support wfdave

    (@wfdave)

    Hi @techtangerine,

    There’s two different things going on here and it looks like you already solved one of them.

    1. wp_remote_post() test error

    When the server tries to connect to itself, it’s being blocked by itself. So whitelisting the server IP is the solution (which you already did).

    2. Cannot redeclare wp_get_server_protocol() error

    Wordfence’s WAF is not meant to be run alongside command line scripts (ex: WP-CLI). What you can do to prevent WP-CLI from also loading Wordfence is by passing these two parameters in the command line:

    wp --skip-themes --skip-pliugins

    Dave

Viewing 1 replies (of 1 total)
  • You must be logged in to reply to this topic.