Mark Maunder
Forum Replies Created
-
Hi,
Just want to make sure I understand. You’re getting the error “security concerns are better-handled by other measures”? Or what is the exact text of the error you’re getting. If you could post a screenshot to imgur.com that would help.
Thanks.
Awesome!
The only time we’ve seen this issue was when the database table that stores IP addresses got corrupted. So can you please scroll to the bottom of your wordfence options page, check the box to delete all wordfence data on deactivation. Then deactivate and reactivate the plugin.
You can find instructions here: http://docs.wordfence.com/en/I%27d_like_to_reinstall_Wordfence_completely._How_do_I_do_that%3F
This will delete all Wordfence tables and recreate them. However you’ll lose all blocked IP’s, all historical traffic and any other config or historical data but it’ll likely fix the issue.
Regards,
Mark.
Forum: Plugins
In reply to: [Wordfence Security - Firewall, Malware Scan, and Login Security] inet_pton()Hi,
So the issue you’re having is that you’re running the wp-cron which is really WordPress from the PHP command line. That means that WordPress does not normally have access to the usual data that it would have. And what you’re seeing is an error related to the fact that there is no IP address from an HTTP request- because you’re running PHP from the command line.
Doing this you may run into issues with some other plugins too that expect IP addresses or other HTTP request data during cron processing.
I’m going to log an issue to try to get this fixed – at least on our side. But until then we suggest you launch the wp-cron using an actual HTTP request which is started by something like wget or curl or another command line HTTP client.
Regards,
Mark.
Forum: Plugins
In reply to: [Wordfence Security - Firewall, Malware Scan, and Login Security] inet_pton()Hi Ken,
So you’re saying you don’t want to do a wget?
Thanks,
Mark.
Hi Becky,
Can you please post a new forum thread so we can track this and either Tim or I will reply to you there. Also ask your hosting provider if they compiled PHP without IPv6 support and tell us who your hosting provider is.
Thanks.
Mark.
Hi Jose,
You can manually disable any plugin on your site by renaming the plugin directory to something else.
e.g. if Wordfence is installed in /wp-content/plugins/wordfence
Just rename that to
/wp-content/plugins/wordfence.disabled
and WordPress will instantly disable it.
Let us know if that fixes the issue and if you find out what the cause is or if we can help.
I just accessed your site and it appears to be available.
Regards,
Mark.
I would contact sitelock and ask them for details. Then post them here and we can give you an opinion re why we aren’t alerting and if we should.
Regards,
Mark.
Hi,
If you have the option for ‘Wordfence security network’ enabled on the wordfence options page then when you experience a brute force hack, Wordfence reports the hack to noc3 so that we can aggregate the data and block those IP’s on other websites in the network.
If you don’t want that reporting to happen, just disable the Wordfence security network option.
As it sounds like you’re already aware, those TIME_WAIT connections are former connections to noc3 that will time-out from that state. The default timeout on Linux if I recall correctly is 2 times MSL (Max segment lifetime) which would be 2 minutes. I should also add that we design those reports to be extremely efficient i.e. very short lived connections that delivery a minimum payload to keep them as performant as possible.
Regards,
Mark.
Your hosting company doesn’t know what they’re talking about. I’d recommend finding another.
LOCK_EX is a file locking routine that we use to lock the .htaccess file before we modify it so that another process doesn’t modify it at the same time. Removing it will cause corruption of your .htaccess file which will cause your site to become unavailable when it responds with an HTTP 500 error.
It’s a bit like opening up a car’s hood while the engine is running, saying that the distributor has been known to have problems and removing it.
Regards,
Mark.
This has been fixed in 5.3.11 which was a hot-fix we released this evening. We are no longer showing this to anyone other than a site admin or, if you’re running multi-site, a Network Admin.
If you’d like to disable the Dashboard widget for admin’s too, you can do so on the options page by unchecking the option: “Enable activity report widget on dashboard:” and saving the options.
Regards,
Mark.
This has been fixed in 5.3.11 which was a hot-fix we released this evening. We are no longer showing this to anyone other than a site admin or, if you’re running multi-site, a Network Admin.
Regards,
Mark.
Thanks for the reports all. Sorry about this, we added a new .htaccess file in the wfcache directory for some added security but it turns out on some configurations this causes a serious problem. Still haven’t been able to reproduce it in the lab. But we rolled back the feature and all appears to be well now.
Thanks again for the fast reports.
Regards,
Mark.
Hi Fabian,
We generate a hit on various obfuscation techniques because they are used more often by malicious code than folks like you. The sample above was added in the last release because we’re seeing that exact technique used by a new malware.
Can you tell me which plugin and/or source file is causing this?
Thanks.
You can use the wildcard-ignore feature to ignore your backups in a scan.
Regards,
Mark.