rules not updating

Hi @gbeddow, thanks for getting in touch!

If you’re not seeing permission failures to either your database or files reported on your Wordfence > Tools > Diagnostics page, I would try navigating to your wp-content/wflogs folder via FTP or file manager. You should be able to delete the wflogs folder or its contents entirely and Wordfence should try to repopulate it within 30 minutes.

It’s also worth checking that in addition to 755 permissions on your WordPress site’s directories, the process owner is also www-data.

If you experience persistent problems with the rules.php file, you can bypass this entirely by setting Wordfence to write to the MySQLi storage engine instead of a file: https://www.wordfence.com/help/firewall/mysqli-storage-engine/

Thanks,
Peter.

Thanks @wfpeter . Deleting the wflogs folder made the Wordfence error message go away, but manually updating the rules failed because it thought it had exceeded a maximum number of manual updates. Maybe it will start working normally again now, we’ll see.

@wfpeter One unfortunate side-effect of this is that my site is now often very slow. So slow, in fact, I’ve had to temporarily disable Wordfence altogether, not a good state of affairs.

Possible clue:

# cat /data/logs/bluenote9.com-error.log

…

[Sat Mar 25 07:51:54.039740 2023] [:error] [pid 24744] [client 192.168.1.1:57314] PHP Fatal error: Maximum execution time of 30 seconds exceeded in /data/public_html/wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/lib/utils.php on line 479

@wfpeter any progress on this? Does a fix need to happen in Wordfence, or is there something more I can do on my side?

Hi @gbeddow, thanks for the extra detail.

The error message of 30 seconds sounds correct for our settings as Wordfence only ever attempts to use half of our recommended value of 60. Check max_execution_time = 60 in php.ini.

For a screenshot of my recommended Performance setting options too – Click Here.

Your WP_MEMORY_LIMIT should be set to 128M or 256M in wp-config.php. WooCommerce, for example, recommend 64M minimum, so if you also have many hits on the site at once especially during a Wordfence scan, a lower limit (like 40M commonly seen here) could be reached fairly easily. Your PHP memory_limit value could also be adjusted to match the above value.

Finally, I have seen the specific error message you mention remedied before when turning off Wordfence > All Options > Scan Options > Scan for publicly accessible quarantined files, and/or Scan file contents for backdoors, trojans and suspicious code. Give one of those a try, then the other, then both together.

Thanks again,
Peter.

@wfpeter Any other ideas? I tried all those and the site still hangs intermittently for > 30 seconds.

Another idea: Over the past ~6 years I’ve manually blocked a large number of IPs for making failed login attempts, etc. Is it possible Wordfence is slowing down as a result?

@wfpeter are you sure there isn’t a bug somewhere in Wordfence?

Every time it hangs there’s a timeout error in different places in the Wordfence code – and no errors anywhere else. Here’s another one just as a data point:

[Tue Mar 28 14:38:40.279739 2023] [:error] [pid 23167] [client 192.168.1.1:64292] PHP Fatal error: Maximum execution time of 30 seconds exceeded in /data/public_html/wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/lib/parser/lexer.php on line 672

@wfpeter any word on a fix for this? Since it started my site availability according to Site24x7.com has dropped from 100% to less than 15%, so I’m about to pull the plug on Wordfence.