• Resolved ausar920

    (@ausar920)


    Hello, I have a few issues with the iThemes Security plugin and I need your help to figure it out.

    Issues:

    1. Daily reports are no longer received

    Explanation: Daily reports and all the emails sent by iThemes Security are sent using the Brevo SMTP (I see them in the Brevo (ex Sendinblue) transactional logs), but I do not receive them in my mailbox. There are two logs each time: one “sent” and one “error” at the same time with no more explanation and the html content, where there usually shows the user visible content.

    I copied the html and pasted it in the notepad and created .html files. Here is an example of what you can see using the .html created files, if it can be of any help:

    • send mail to client: process message: process single part: get encrypted message: render template: parse render template: Pub/Sub ack: parse render template: parse: body: from string: tpl:
    • (email body)
    • (footer)
    • : [Error (where: parser) in | Line 457 Col 30 near ‘$href }}” target=”_blank” class=”border-radius” style=”-ms-text-size-adjust: 100%;-webkit-text-size-adjust: 100%;color: #2E280E;font-family: Helvetica;font-size: 30px;line-height: 100%;text-align: center;text-decoration: none;background-color: #FFCD08;border: 1px solid #FFCD08;display: inline-block;font-weight: bold;padding-top: 20px;padding-right: 30px;padding-bottom: 20px;padding-left: 30px;-webkit-border-radius: 5px;-moz-border-radius: 5px;border-radius: 5px;”>Passez à iThemes Security Pro
    • (footer, once more)
    • ‘] Expected either a number, string, keyword or identifier.

    2. Scheduled and manual site analysis are not working ;

    Explanation: I set the scheduled analysis and it worked fine for a few months. But since one or two months, it always fails. I deactivated scheduling and tried manual analysis, but it also fails. The same error shows each time: “Error: The scan failed to properly scan the site.” Details: “Exceeded rate limit. Please wait XXX seconds.”. I tried to wait the cooldown but with no success.

    3. Daily warnings about files changes (“Avertissement d’altération de fichier” in French)

    Explanation: For about a week or so, the plugin is sending a warning (which I do not receive but I am able to see it through the Brevo SMTP logs) about files changes. It goes from a few tens to a thousand files added, deleted or modified. And I do not know why it happens and if it is ok or if there is a malware. The last plugin I installed was Site Kit by Google and I linked it to AdSense about two weeks ago, I do not know if it has anything to do with these files changes.

    System info

    Website: https://orchid-info.org/

    I selected the ones I thought could be useful, I could not find iThemes Security info in the website health tool.

    ### wp-core ###
    
    version: 6.2.2
    site_language: fr_FR
    user_language: fr_FR
    timezone: Europe/Paris
    permalink: /%category%/%postname%/
    https_status: true
    multisite: false
    
    
    ### wp-dropins (1) ###
    
    advanced-cache.php: true
    
    ### wp-active-theme ###
    
    name: Astra Child (astra-child)
    version: 1.0.0
    author: Brainstorm Force
    author_website: https://wpastra.com/about/
    parent_theme: Astra (astra)
    theme_features: core-block-patterns, astra_hooks, widgets-block-editor, align-wide, automatic-feed-links, title-tag, post-thumbnails, starter-content, html5, post-formats, custom-logo, customize-selective-refresh-widgets, editor-style, woocommerce, rank-math-breadcrumbs, amp, editor-color-palette, infinite-scroll, widgets, menus
    theme_path: /home/orchidb/www/wp-content/themes/astra-child
    auto_update: Désactivé
    
    ### wp-parent-theme ###
    
    name: Astra (astra)
    version: 4.1.6
    author: Brainstorm Force
    author_website: https://wpastra.com/about/?utm_source=theme_preview&utm_medium=author_link&utm_campaign=astra_theme
    theme_path: /home/orchidb/www/wp-content/themes/astra
    auto_update: Désactivé
    
    ### wp-themes-inactive (3) ###
    
    Hello Elementor: version: 2.8.1, author: L’équipe d’Elementor, Mises à jour auto désactivées
    Twenty Twenty-Three: version: 1.1, author: L’équipe WordPress, Mises à jour auto désactivées
    Twenty Twenty-Two: version: 1.4, author: L’équipe WordPress, Mises à jour auto désactivées
    
    ### wp-mu-plugins (1) ###
    
    WP STAGING Optimizer: version: 1.5.1, author: René Hermenau
    
    ### wp-plugins-active (14) ###
    
    Akismet Anti-Spam: Spam Protection: version: 5.2, author: Automattic - Anti Spam Team, Mises à jour auto désactivées
    Backup Duplicator & Migration - WP STAGING: version: 3.0.0, author: WP-STAGING, WPStagingBackup, Mises à jour auto désactivées
    CookieYes | GDPR Cookie Consent: version: 3.1.1, author: CookieYes, Mises à jour auto désactivées
    Imagify: version: 2.1.1, author: Imagify – Optimize Images & Convert WebP, Mises à jour auto désactivées
    iThemes Security: version: 8.1.7, author: iThemes, Mises à jour auto désactivées
    Jetpack: version: 12.3, author: Automattic, Mises à jour auto désactivées
    Newsletter, SMTP, Email marketing and Subscribe forms by Brevo: version: 3.1.68, author: Brevo, Mises à jour auto désactivées
    SEOPress: version: 6.8.0.1, author: The SEO Guys at SEOPress, Mises à jour auto désactivées
    Site Kit by Google: version: 1.105.0, author: Google, Mises à jour auto désactivées
    Spectra: version: 2.7.2, author: Brainstorm Force, Mises à jour auto désactivées
    Starter Templates: version: 3.2.6, author: Brainstorm Force, Mises à jour auto désactivées
    UpdraftPlus - Backup/Restore: version: 1.23.7, author: UpdraftPlus.Com, DavidAnderson, Mises à jour auto désactivées
    WP-Optimize - Clean, Compress, Cache: version: 3.2.16, author: David Anderson, Ruhani Rabin, Team Updraft, Mises à jour auto désactivées
    WPForms Lite: version: 1.8.2.3, author: WPForms, Mises à jour auto désactivées
    
    ### wp-plugins-inactive (1) ###
    
    Hello Dolly: version: 1.7.2, author: Matt Mullenweg, Mises à jour auto désactivées
    
    
    ### wp-server ###
    
    server_architecture: Linux 5.15.80-ovh-vps-grsec-zfs-classid x86_64
    httpd_software: Apache
    php_version: 8.0.28 64bit
    php_sapi: fpm-fcgi
    max_input_variables: 16000
    time_limit: 165
    memory_limit: 512M
    max_input_time: -1
    upload_max_filesize: 128M
    php_post_max_size: 130M
    curl_version: 7.64.0 OpenSSL/1.1.1n
    suhosin: false
    imagick_availability: true
    pretty_permalinks: true
    htaccess_extra_rules: true
    
    ### wp-database ###
    
    extension: mysqli
    server_version: 5.7.42-log
    client_version: mysqlnd 8.0.28
    max_allowed_packet: 33554432
    max_connections: 151
    
    
    ### wp-filesystem ###
    
    wordpress: writable
    wp-content: writable
    uploads: writable
    plugins: writable
    themes: writable
    mu-plugins: writable
    

    Things I’ve tried:

    Using a staging site I tried a few things, with no success:

    • Change the “from” email
    • Deactivate all plugins
    • Uninstall and reinstall iThemes Security

    I do not know if these errors are linked together or if multiple factors triggered them separately, but I do not know what to do about it and would very much like to fix it.

    Thanks.

Viewing 7 replies - 1 through 7 (of 7 total)
  • Plugin Support Shalom Taiwo

    (@shalomt)

    Hi @ausar920

    Thank you for reaching out to us.

    Daily reports are no longer received

    ?I have reported it to our developers to look into this error.?
    While I don’t have an ETA on the fix, I’ll let you know as soon as I get a response.

    Scheduled and manual site analysis are not working

    Could you please wait for the cooldown time, try again, and see if this helps, as we have no way to trigger the rescan manually?

    Daily warnings about files changes

    It is worth mentioning that the File Change module doesn’t work on all setups, and we are aware of this behaviour. While I don’t have an ETA on a fix for this behaviour, I’ll let you know as soon as I get a response from our devs.

    Looking forward to your response.

    Best regards,
    Shalom

    Thread Starter ausar920

    (@ausar920)

    Hello, thank you for your answer.

    Daily reports are no longer received

    Does this happen to other people as well or only me?

    Scheduled and manual site analysis are not working

    Indeed I tried several times to wait for the cooldown of the analysis, but the same error shows:?“Error: The scan failed to properly scan the site.” Details: “Exceeded rate limit. Please wait XXX seconds.” I do not know if the information I provided above are of any help to you?

    Daily warnings about files changes

    So i deactivated the File Change module and I no longer see them in the logs.

    Plugin Support Shalom Taiwo

    (@shalomt)

    Hi @ausar920

    Does this happen to other people as well or only me?

    This is not a common case, however, it occurs once in a while for a few users.

    Indeed I tried several times to wait for the cooldown of the analysis, but the same error shows

    I’m afraid that with this issue, it’s usually dependent on the rate limit and cannot be manually triggered on our end. Could you please also try regenerating your .htaccess file, as well as enabling the REST API and XML-RPC to see if this also helps?

    Thread Starter ausar920

    (@ausar920)

    Hi,

    Somehow, one analysis runned just fine saturday, but it is the only one and it still does not work now. Here are some screenshots of the detailed reports: https://drive.google.com/drive/folders/13VHQz1cewfEbDX2OFNLQhSKyFQECw-Gw?usp=sharing

    I regenerated the .htaccess file, and I checked: both REST and XML-RPC APIs are enabled, but it does not seem to have changed anything.

    Thread Starter ausar920

    (@ausar920)

    Hi @shalomt, the issue is still not resolved unfortunately, do you have another idea to help resolve it?

    Plugin Support chandelierrr

    (@shanedelierrr)

    Hi @ausar920, please excuse the delayed response here! Could you please try updating to the latest Solid Security Basic plugin and let me know if you can now receive the Site Scan notifications?

    Regarding the exceeded rate limit error, the Site Scanner has a 10-minute rate limit, and for free users, it’s tied to your server’s IP address. Waiting for the cooldown time usually helps, but if you keep getting this error, you may have plenty of sites on the same server, and our suggestion would be to upgrade to Solid Security Pro.

    Looking forward to hearing from you!

    Plugin Support chandelierrr

    (@shanedelierrr)

    Hi there,

    I hope the information was helpful to you. Tracking notifications on this forum can become tricky over time, and since we haven’t received a response, I’ll mark this post resolved.

    If you still require further assistance, feel free to open a new support topic, and we’d be happy to assist.

    Thank you!

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘Scheduled analysis not working and daily reports not received’ is closed to new replies.