Mark Maunder
Forum Replies Created
-
Hi,
It’s likely that your file permissions don’t allow us to write the the files that have been modified. Please make sure they’re writable by your web server. If you’re unsure how to do that ask your hosting provider.
Alternatively it could be that you’re repairing the files and they’re immediately re-infected. If that’s the case, then Wordfence repair may not be finding the root infection and that infection may be outside your WordPress installation. In that case you should log a support call with your host and ask if they can investigate, if they offer cleaning services and if not then you’ll need to get someone who does hands-on cleaning.
Regards,
Mark.
Hi,
Please give us more information. What did you see when you were locked out?
The problem appears to be that your web server is not able to contact our servers. This should not result in you being locked out, but it will make Wordfence unusable. It’s likely that your hosting provider is blocking your web server from contacting noc1.wordfence.com on port 80 and 443 which is where our servers live.
Please log a support call with them and ask them to resolve this.
Regards,
Mark.
This is not a bug in Wordfence. 32 megabytes is not enough to host a modern WordPress installation.
I’m surprised that Wordfence works at all on 32 megabytes. Our minimum recommended memory for running WordPress with Wordfence is 64 megs. Here are our system requirements with some additional info:
http://docs.wordfence.com/en/Wordfence_system_requirements
Regards,
Mark.
Yes, what’s happening here is that while Wordfence is doing various tasks like scanning, it stores data temporarily in your database. Some of the data we store comes in chunks and if a chunk is larger than your mysql database’s “max allowed packet” then we are smart enough to know that the mysql query will fail with an error if we try to write it. So instead we store it in your tmp directory.
It’s serialized data which is why it looks like garbage.
So the file is quite safe.
Regards,
Mark.
You’re welcome.
Regards,
Mark.
You require cellphone auth every time you sign in unless you whitelist your IP address. However unless you’re sure you’re on a static IP address we don’t recommend doing this.
http://docs.wordfence.com/en/Wordfence_options#Whitelisted_IP_addresses_that_bypass_all_rules
Regards,
Mark.
Hi,
Thanks for the feedback. We’ve entered this as a feature request. We actually used to do this i.e. alert on files that are not recognized in core but were in core directories. So we’re looking at offering this again but as an option.
Also just FYI, we don’t maintain that git repo, so if it’s a reliable mirror of what’s currently in the SVN repository then I guess you can use that, but make sure it is.
Thanks for the feedback.
Regards,
Mark.
Hi swedeman,
We opened a bug to examine this but looking at the code I don’t see any way that our code could have written an array to that field in the database.
So I think this might be some kind of table corruption or something else unique with your system. In otherwords, I can’t reproduce it or see a cause in the code.
So I’m going to close the bug until we get more data or more reports.
If you can, please work with Tim to get us an export if your database or at least the wp_wfConfig table and we’ll examine it to find the cause. If you can send that to us we’ll examine this further. (Don’t post it here – email it to us)
To fix this you’ll need to reset your Wordfence to defaults. So go to the bottom of your Wordfence options page, check the box to remove all WF data on disable. Then disable and reenable the plugin and that will fix the issue.
Regards,
Mark.
Sorry Tim! I think we were responding at the same time. 🙂
Just click the box at the bottom of your Wordfence options page to “Delete Wordfence tables and data on deactivation” and then deactivate.
And we’ve even anticipated that some folks might not want to or be able to install Wordfence to remove there data, so we created a Wordfence Assistant plugin which also gives you the option to remove the tables:
https://wordpress.org/plugins/wordfence-assistant/
Regards,
Mark.
And to be clear, the Wordfence Falcon Cache is completely optional, so you can simply disable it and use something else if you prefer.
Regards,
Mark.
Hi,
This issue is now fixed. Please check your system and verify that for me if you can.
Our systems were out of sync due to a recent system-wide upgrade in our data center. This has now been resolved and we’ve taken steps to prevent it from reoccurring in future.
Thanks for the report and for your patience.
Regards,
Mark.
Wordfence 5.2.7 was released a few minutes ago and contains a fix for the issue you reported. So you won’t see those LOCK_EX file locking warnings related to NFS appearing anymore.
Regards,
Mark.
Hi Jackie,
This really is a mysql question, not a Wordfence question. It looks like you have table corruption that was probably caused by your server suddenly powering off and on again. You need to run a repair on those tables. but please post this question in the mysql forums or on stackoverflow because Wordfence did not cause those tables to get corrupted – it just happens to be our tables that are suffering from the problem with your database.
Regards,
Mark.
Hi there,
php5-curl is not a dependency for Wordfence and it’s designed to work without the cURL library. What we do is we fall back to using file_get_contents library. When you posted this I tested that file_get_contents works by disabling cURL on one of our lab systems. And it works great.
So if you have any more information from your web server error logs showing why file_get_contents() was not working for you when you did not have curl installed that would help us diagnose this. But on my end it seems to work great without curl, although I should add for anyone else reading this that curl is preferred by us because it’s more configurable.
I understand you want to move on, but I’m also posting this for anyone else who arrives here via google.
Regards,
Mark.