Support » Plugin: Wordfence Security - Firewall & Malware Scan » wp_remote_post() test back to this server failed!

  • Resolved Paul Guijt

    (@paul-guijt)


    Hi,

    Yesterday I hardened PHP and Apache on my Raspberry Pi, and today I noticed that WordFence had issues with allow_url_fopen. Another thread on this forum led me to install cURL, and another one led me to checking the WordFence / Tools / Diagnostics page.

    There I found the red colored failure:
    Connecting back to this site -> wp_remote_post() test back to this server failed! Response was: cURL error 28: Resolving timed out after 10522 milliseconds<br />

    First of all: does it matter? And where to look, as I host my site myself?

    Regards,
    Paul

Viewing 3 replies - 1 through 3 (of 3 total)
  • Hi @paul-guijt,

    Yes, it does matter.

    In order for Wordfence to initiate scans your server needs to be able to connect to itself; so you need to make sure your server/network configuration allows this –it could be something in the .htaccess file or a firewall at the host level, for example.

    Alternatively you could try and enable the Start all scans remotely feature on the Wordfence –> Tools –> Diagnostics page.

    Thread Starter Paul Guijt

    (@paul-guijt)

    Ah, thanks. I’ll digg into that, and log my actions here for others with the same problem.

    Wordfence reports on the Scan page, that scans are done nicely.
    I deactivated all WordPress plugins save Wordfence, no effect.
    Removed .htaccess from my root, no effect.

    Saw in the .htaccess file the commented section on WAF, and in the Firewall section Basic WordPress Firewall. Ended up getting Extended protection by adding
    auto_prepend_file = ‘/…/wordfence-waf.php’ (note the ‘=’) and the Files section to my virtual host definition. Adding the section to .htaccess conflicted with my security setting.

    The logs didn’t give any (recognisable) answers.

    I found “In many cases you may be better served with wp_safe_remote_post” at https://codex.wordpress.org/Function_Reference/wp_remote_post.
    In wordfence/lib/wfDiagnostic.php I found “This causes cURL to throw errors in some versions since WordPress uses its own certificate bundle (‘CA certificate set, but certificate verification is disabled’)”

    So far so not good. I have to go to an appointment, and continue some other time.

    wfyann

    (@wfyann)

    Hi @paul-guijt,

    I just wanted to check with you if you’re still having this issue?

    Are you currently using the “Start all scans remotely“ option?

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘wp_remote_post() test back to this server failed!’ is closed to new replies.