Scheduled analysis not working and daily reports not received

Hello, I have a few issues with the iThemes Security plugin and I need your help to figure it out.

Issues:

1. Daily reports are no longer received

Explanation: Daily reports and all the emails sent by iThemes Security are sent using the Brevo SMTP (I see them in the Brevo (ex Sendinblue) transactional logs), but I do not receive them in my mailbox. There are two logs each time: one “sent” and one “error” at the same time with no more explanation and the html content, where there usually shows the user visible content.

I copied the html and pasted it in the notepad and created .html files. Here is an example of what you can see using the .html created files, if it can be of any help:

• send mail to client: process message: process single part: get encrypted message: render template: parse render template: Pub/Sub ack: parse render template: parse: body: from string: tpl:
• (email body)
• (footer)
• : [Error (where: parser) in | Line 457 Col 30 near ‘$href }}” target=”_blank” class=”border-radius” style=”-ms-text-size-adjust: 100%;-webkit-text-size-adjust: 100%;color: #2E280E;font-family: Helvetica;font-size: 30px;line-height: 100%;text-align: center;text-decoration: none;background-color: #FFCD08;border: 1px solid #FFCD08;display: inline-block;font-weight: bold;padding-top: 20px;padding-right: 30px;padding-bottom: 20px;padding-left: 30px;-webkit-border-radius: 5px;-moz-border-radius: 5px;border-radius: 5px;”>Passez à iThemes Security Pro
• (footer, once more)
• ‘] Expected either a number, string, keyword or identifier.

2. Scheduled and manual site analysis are not working ;

Explanation: I set the scheduled analysis and it worked fine for a few months. But since one or two months, it always fails. I deactivated scheduling and tried manual analysis, but it also fails. The same error shows each time: “Error: The scan failed to properly scan the site.” Details: “Exceeded rate limit. Please wait XXX seconds.”. I tried to wait the cooldown but with no success.

3. Daily warnings about files changes (“Avertissement d’altération de fichier” in French)

Explanation: For about a week or so, the plugin is sending a warning (which I do not receive but I am able to see it through the Brevo SMTP logs) about files changes. It goes from a few tens to a thousand files added, deleted or modified. And I do not know why it happens and if it is ok or if there is a malware. The last plugin I installed was Site Kit by Google and I linked it to AdSense about two weeks ago, I do not know if it has anything to do with these files changes.

System info

Website: https://orchid-info.org/

I selected the ones I thought could be useful, I could not find iThemes Security info in the website health tool.

### wp-core ###

version: 6.2.2
site_language: fr_FR
user_language: fr_FR
timezone: Europe/Paris
permalink: /%category%/%postname%/
https_status: true
multisite: false


### wp-dropins (1) ###

advanced-cache.php: true

### wp-active-theme ###

name: Astra Child (astra-child)
version: 1.0.0
author: Brainstorm Force
author_website: https://wpastra.com/about/
parent_theme: Astra (astra)
theme_features: core-block-patterns, astra_hooks, widgets-block-editor, align-wide, automatic-feed-links, title-tag, post-thumbnails, starter-content, html5, post-formats, custom-logo, customize-selective-refresh-widgets, editor-style, woocommerce, rank-math-breadcrumbs, amp, editor-color-palette, infinite-scroll, widgets, menus
theme_path: /home/orchidb/www/wp-content/themes/astra-child
auto_update: Désactivé

### wp-parent-theme ###

name: Astra (astra)
version: 4.1.6
author: Brainstorm Force
author_website: https://wpastra.com/about/?utm_source=theme_preview&utm_medium=author_link&utm_campaign=astra_theme
theme_path: /home/orchidb/www/wp-content/themes/astra
auto_update: Désactivé

### wp-themes-inactive (3) ###

Hello Elementor: version: 2.8.1, author: L’équipe d’Elementor, Mises à jour auto désactivées
Twenty Twenty-Three: version: 1.1, author: L’équipe WordPress, Mises à jour auto désactivées
Twenty Twenty-Two: version: 1.4, author: L’équipe WordPress, Mises à jour auto désactivées

### wp-mu-plugins (1) ###

WP STAGING Optimizer: version: 1.5.1, author: René Hermenau

### wp-plugins-active (14) ###

Akismet Anti-Spam: Spam Protection: version: 5.2, author: Automattic - Anti Spam Team, Mises à jour auto désactivées
Backup Duplicator & Migration - WP STAGING: version: 3.0.0, author: WP-STAGING, WPStagingBackup, Mises à jour auto désactivées
CookieYes | GDPR Cookie Consent: version: 3.1.1, author: CookieYes, Mises à jour auto désactivées
Imagify: version: 2.1.1, author: Imagify – Optimize Images & Convert WebP, Mises à jour auto désactivées
iThemes Security: version: 8.1.7, author: iThemes, Mises à jour auto désactivées
Jetpack: version: 12.3, author: Automattic, Mises à jour auto désactivées
Newsletter, SMTP, Email marketing and Subscribe forms by Brevo: version: 3.1.68, author: Brevo, Mises à jour auto désactivées
SEOPress: version: 6.8.0.1, author: The SEO Guys at SEOPress, Mises à jour auto désactivées
Site Kit by Google: version: 1.105.0, author: Google, Mises à jour auto désactivées
Spectra: version: 2.7.2, author: Brainstorm Force, Mises à jour auto désactivées
Starter Templates: version: 3.2.6, author: Brainstorm Force, Mises à jour auto désactivées
UpdraftPlus - Backup/Restore: version: 1.23.7, author: UpdraftPlus.Com, DavidAnderson, Mises à jour auto désactivées
WP-Optimize - Clean, Compress, Cache: version: 3.2.16, author: David Anderson, Ruhani Rabin, Team Updraft, Mises à jour auto désactivées
WPForms Lite: version: 1.8.2.3, author: WPForms, Mises à jour auto désactivées

### wp-plugins-inactive (1) ###

Hello Dolly: version: 1.7.2, author: Matt Mullenweg, Mises à jour auto désactivées


### wp-server ###

server_architecture: Linux 5.15.80-ovh-vps-grsec-zfs-classid x86_64
httpd_software: Apache
php_version: 8.0.28 64bit
php_sapi: fpm-fcgi
max_input_variables: 16000
time_limit: 165
memory_limit: 512M
max_input_time: -1
upload_max_filesize: 128M
php_post_max_size: 130M
curl_version: 7.64.0 OpenSSL/1.1.1n
suhosin: false
imagick_availability: true
pretty_permalinks: true
htaccess_extra_rules: true

### wp-database ###

extension: mysqli
server_version: 5.7.42-log
client_version: mysqlnd 8.0.28
max_allowed_packet: 33554432
max_connections: 151


### wp-filesystem ###

wordpress: writable
wp-content: writable
uploads: writable
plugins: writable
themes: writable
mu-plugins: writable

Things I’ve tried:

Using a staging site I tried a few things, with no success:

• Change the “from” email
• Deactivate all plugins
• Uninstall and reinstall iThemes Security

I do not know if these errors are linked together or if multiple factors triggered them separately, but I do not know what to do about it and would very much like to fix it.

Thanks.