Support » Plugin: Wordfence Security - Firewall & Malware Scan » WordFence Memory Issue

  • Resolved emuninja



    I recently changed one of my websites to use 1G of memory and included the define WP_MEMORY_LIMIT of 1G.

    Unfortunately WordFence appears to be overwriting this value with 128M which is causing a number of memory issues on a large site.

    I think I’ve tracked it down to line 38 of wordfence.php where you cast the memory limit to an int.

    if((int) @ini_get('memory_limit') < 128){
        if(strpos(ini_get('disable_functions'), 'ini_set') === false){
    	@ini_set('memory_limit', '128M'); //Some hosts have ini set at as little as 32 megs. 64 is the min sane amount of memory.

    In my case, 1G gets cast to 1, being less than 128 and setting the limit.

    Let me know if you need any more information to replicate this issue.

Viewing 7 replies - 1 through 7 (of 7 total)
  • wfyann


    Hi @emuninja,

    Does the issue persist if you set a value of “1024M” for WP_MEMORY_LIMIT?



    Hi @wfyann

    Unfortunately yes. The plugin is reading the ini and unless I have the ini value set to something larger than 128 (when cast to an int) then the ini value gets overridden to 128M.

    If I set my site ini to 768M, then the 1024M WP_MEMORY_LIMIT is used. I would also assume if I set the site ini to 1024M it would also work correctly, but I don’t easily have that option from my hosting cPanel.

    There is a note on the PHP site around reading memory size limits that might be helpful:




    You could also try to modify the value for “How much memory should Wordfence request when scanning“.

    You’ll find the parameter on the Wordfence –> Options page.



    Hi @wfyann

    You can, but that should only affect the install when running a scan, the bug I described in my first post affects the entire WordPress install for every request.

    For larger (ie eCommerce) sites this could be a huge issue and hopefully can be fixed in an update very soon.

    I’m having the same problem. Wordfence is lowering the site’s memory limit to 128MB, ignoring values set elsewhere. These lines of code are broken, and there are examples elsewhere in WordPress of how to handle this better.

    This logic could be shifted out to wp_raise_memory_limit() with a custom context to set the desired limit.

    I’d submit a pull request, but I can’t see an obvious place to do that.

    For now, I’ve had to manually patch line 41 of wordfence.php to increase the limit. Not a great solution, but given the lack of filter here I don’t have many other options.

    Anthony Eden.

    Ideally, this code shouldn’t exist.

    A check of memory limits is fine to disable/show a warning, but plugins should not be setting their own memory limits.

    I’ve started moving some of my sites away from WordFence due to this and the performance hit it puts on a website.

    You must be f**** kidding !
    spent 2 hours to locate this awesome absurdity…

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘WordFence Memory Issue’ is closed to new replies.