Q
Forum Replies Created
-
Great, I’d like to write some custom code. I reviewed the Jetpack documentation but didn’t see any hooks for overriding carousel behavior. Could you give me a clue what kind of custom code can change that animation?
Wait, why would you be waiting to hear back from me? I’m waiting for a reply from support. Is this an acknowledged issue or not? Please keep this ticket open until the issue is rejected or resolved.
Hi Tim,
Better error messages would be a great for everyone: it’d make the developer experience better and reduce your support load.
In this case, there is an easy fix that should be implemented to prevent the error from occurring in the first place: allow to configure WordFence to use a specific chmod mask so its log files can be defined as group-readable. You call this a “permissions issue”, but the issue is that the permissions are actually impossible to fix. If I set the correct permissions for my environment (
-rw-r-----), WordFence will just resets them to what it assumes is correct (-rw-------) the next time it runs, thus generating an error.In my case,
-rw-r-----are the necessary permissions. Because of legacy reasons, the php user runs asapache, but the cron user must run asuser1.I’ve already mentioned two errors that occur due to permissions in my previous messages, but there are more:
Error #3:
Warning: flock() expects parameter 1 to be resource, boolean given in /var/www/html/wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/lib/waf.php on line 326 Warning: flock() expects parameter 1 to be resource, boolean given in /var/www/html/wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/lib/waf.php on line 329 Warning: fclose() expects parameter 1 to be resource, boolean given in /var/www/html/wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/lib/waf.php on line 330Error #4:
Stack trace: #4 [internal function]: wordfence::processAttack in /var/www/html/wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/lib/storage/file.php on line 468(With the “There has been a critical error on your website” page html dumped to the screen.)
Hi Gerroald,
Thanks for the reply.
If I execute wp-cron.php via http request (curl, et al) then there is no error.
My hunch is that this is a permissions problem. But I’m confused why the problem is intermittant: the error messages are only reported about once a week, and I’m running wp-cron.php via CLI every 15 minutes.
I do consistently get this error every time:
Unable to open /var/www/html/wp-content/wflogs/attack-data.php for reading and writing.That’s not a problem, it doesn’t prevent wp-cron.php or wp-cli from running successfully, so I usually filter the cli output like this2>&1 | grep -v /wflogs/.There are two users who need access to the /wflogs/ directory:
– apache is running as user
apache
– cron jobs execute as the site useruser1Wordfence writes files to the /wflogs/ directory with only owner-readability permissions set:
drwxr-xr-x 2 apache user1 224 May 16 23:55 . drwxrwsr-x 8 apache user1 97 Dec 11 01:46 .. -rw------- 1 apache user1 40083 Dec 11 01:46 attack-data.php -rw------- 1 apache apache 601 May 16 23:53 config-livewaf.php -rw------- 1 apache apache 559 Dec 20 05:10 config.php -rw------- 1 apache apache 11713 Dec 24 18:45 config-synced.php -rw------- 1 apache apache 1255378 May 16 23:55 config-transient.php -rw-rw-r-- 1 apache user1 3803555 Apr 26 15:29 GeoLite2-Country.mmdb -rw-r--r-- 1 apache user1 133 May 16 23:53 .htaccess -rw------- 1 apache user1 51 May 16 23:53 ips.php -rw-r--r-- 1 apache apache 264325 May 16 23:53 rules.php -rw------- 1 apache user1 51 Dec 11 01:47 template.phpI update the perms to
-rw-r-----, only for them to automatically reset to-rw-------. I could do something hackish like addchmod g+r ./wflogs/before I run any cron job, but I thought I would report this issue because I would expect Wordfence to fail gracefully and display a more useful error message if there is a permissions issue, if indeed this problem is caused by permissions.Thanks again for your help.
It seems to be working now, thanks.
Forum: Plugins
In reply to: can't download subscibers from wordpress.org site using JetpackSame problem here. The “Download all email-only followers as CSV” link takes me to dashboard.wordpress.com, where there is no CSV to be found. Instead I see this screen: http://i.imgur.com/3e89zfn.png
I solved the problem by going to the main Jetpack page on my site, and clicking the big button at top, “Connect to WordPress.com”. After setting this up, the “Download all email-only followers as CSV” link works as expected, downloading a “website.csv” file.
