Mark Maunder
Forum Replies Created
-
Hi all,
We are seeing malware in the wild that is using a pattern with a str_replace followed by a function call where the function is a variable name. We added detection for this but it turns out that a few plugin authors do a str_replace and then a lambda call (anon function assigned to variable) on the same line. Who knew!
So we’ve modified the detection to fix this. You won’t see any more false positives like this. The modification was made on our servers as a hotfix so you don’t need to upgrade to get the fix. You already have it.
Apologies for the inconvenience caused.
Regards,
Mark.
Hi there,
Thanks for joining our beta program, please ensure you’re on the mailing list which is here:
http://www.wordfence.com/sign-up-for-the-wordfence-beta-program/
That is where we email instructions and beta announcements with download locations.
Once you’re in the program you can email feedback for each release to beta@wordfence.com (no support tickets please, just bug reports)
Regards,
Mark.
Hi,
This is because your site admin has disallowed you to use IP blocking in .htaccess. It’s something specific to your config, not a bug in Wordfence. Read this for more:
http://stackoverflow.com/questions/14250674/htaccessorder-not-allowed-here
Also google around for the specific error you’re getting, it’s a common problem.
I got your email re the beta, and we’re not going to add a fix for this because it’s an issue with your config and not Falcon.
Regards,
Mark.
Sorry to hear this. We are active on our forums, unlike many other plugins. As you can see from today’s activity, we worked very hard to support our free folks. If we missed your support request, I apologize.
Regards,
Mark.
Someone flagged the plugin as broken for 3.8.3 so if it’s working for you now it would be great if you could flag it as working.
Thanks.
Mark.
It takes a moment for us to mirror a new release. So…
BAM! It’s fixed. 🙂
Try your scan again and it’ll work.
Regards,
Mark.
Ah, OK I understand. I’ll add this.
Regards,
Mark.
Woohoo! Great news. OK post again if you have a problem!
Regards,
Mark.
Agreed, I’d say start with an upgrade to 64M and see if that improves things.
(Thanks @esmi! You rule!!)
Regards,
Mark.
Wow, stingy host. Tell them to not be so cheap with their servers.
So what happened here is the following:
You enabled Wordfence live traffic which is fine.
Then you went to the live traffic page and you kept your web browser open on that page for the whole day. What the browser does is it pings the server every 2 seconds to see if there is new traffic. (We’re looking to improve this with a future release)
That causes a hit to admin-ajax.php every 2 seconds. So it was your browser that generated the traffic that caused them to complain. If a web host can’t handle a hit every 2 seconds, then I wonder what will happen when you get some real traffic.
But if you want to fix this here is how:
Go to Wordfence options. Scroll to the bottom of the page and find:
Update interval in seconds (2 is default)
Set this update interval to something like 30 seconds (just enter the number 30) which will cause a hit every 30 seconds when you’re watching live traffic. That should keep your web host happy.
In the mean time I’ll get thinking on this side about how to optimize this.
Regards,
Mark.
Yes please do this and let me know if you find a fix!
No we don’t enable an object cache because we found it offers very little performance benefit.
Regards,
Mark.
Anyone else seeing this?
Regards,
Mark.
Thanks @Barnez!
Exactly that.
Regards,
Mark.
Hi Bogdan,
yes we can do that. Was there anything else you wanted excluded?
Regards,
Mark.
Hi,
Sorry about that, I’m not marking this resolved until it actually is.
Can you confirm that you have live traffic enabled?
On your public facing pages, please search your page source for “logHuman” without quotes and paste the line you see here.
Regards,
Mark.