cURL error 56: OpenSSL SSL_read: Connection reset by peer, errno 104

Hello @holidaystory17 and thanks for reaching out again!

Our QA team has suggested there might be an issue with how TLS is being resolved on your host’s end.

Can you have them, or you can if you’re comfortable doing so, try to run curl -v in the CLI a few times to see if it fails, and what it says.

Thanks!

Please let me know the procedure.

You will want the host to run this command in CLI a few times:

curl -v https://noc1.wordfence.com/

It should normally end with a message saying Your site did not send an API key when contacting the Wordfence servers. if it’s successful.

Let me know the results!

Thanks again!

Hi

I change the theme. Found something positive but not fully satisfactory. The manual scan is completed now, but the auto scan still has the error.

Please refer:- https://ibb.co/BVjnBST

The curl result:-

https://ibb.co/WgKgT6p

The curl test on the CLI looks ok and is reaching the right server, but i notice you’re running curl 7.19.7 on the CLI, and 7.74.0 from within PHP. Usually, a newer version is better, but there’s still a chance there’s something wrong with the way it was built.

It seems possible cron is involved if it works you run manually, but I’m not sure why that would be yet. You do have WP’s cron settings set up normally, but maybe if the host is running cron jobs on a different machine somehow (could be a different PHP version), or this site was migrated from an old server, but the old server is still there and running cron jobs and still connected to the site’s database, that could cause some issues.

Can you send a full scan log of a failed automatic scan, and also a full scan log of a regular scan. I see in the scan log screenshot that it’s starting scans remotely, but I don’t think it’s doing that for the manual scan, from what I can see in our logs.

Thanks again for your help!

Hi

Sent you the log through the mail.

Bellow reply is from my hosting provider.

—

Your website hosted on a shared server, so we cant update/change curl version. It will affect the whole server performance.

Thanks for sending that! Is that for your automatic scan or the manual scan?

Thanks again!

automatic scan, its failed, manual scan is ok.

• This reply was modified 3 years, 9 months ago by Ruma Dey Baidya.

I see a successful scan with the text Scan Complete. Scanned 16839 files, 20 plugins, 7 themes, 97 posts, 167 comments and 18958 URLs in 3 minutes 34 seconds. and a successful “quick scan” after that (I’m not sure if those were working before.)

I also see lines saying Starting cron with normal ajax, so it’s not needing to use noc1 to start scans remotely. If that’s an automatic scan, that looks like it’s working as it should now.

What are you seeing on your end to think it’s failing on the automatic scans?

Thanks!

HI Team

I am unable to find the log of that day, but find error in today’s log. Can you kindly check one more time. I have already sent the log through the mail.

Thanks for sending that report again!

The message Connection reset by peer in connection to www.yoururl.com:443 means the site was disconnected from its connection to itself.

That rules out our scan server(noc1) as the cause of the connection reset issue, but the log also shows it tried noc1 where it says Starting cron via proxy at ..., that seemed to connect, but the next stage of the scan didn’t start. I see that hit successfully reached our server, which means that our server also could not reach yours.

Unfortunately, you’ll have to reach out to the host again, because if your site intermittently gets that same error even when connecting to itself, that can only be fixed by the host.

Let me know what they say! You can provide them this information to help them.

Thanks again!