Suggestion regarding some Wordfence email alerts

  • Resolved bjf2000

    (@bjf2000)


    2 years, 8 months ago

    While I appreciate receiving email alerts highlighting the “medium security” problem of a plugin that’s out-of-date, it doesn’t make sense that your system doesn’t take a beat before sending such alerts.

    Because if it did, then it would allow for the new-ish feature in WordPress that optionally allows for the automatic update of plugins (not to mention that there are myriad other ways to update them automatically which have existed for years).

    In other words, by the time one actually even sees these emails minutes later (at the earliest), the plugin is probably already updated, making the alert pointless.

    As such, I’d program in a delay of some kind for alerts about plugins. If the system then sees that it’s been updated, it’s not sent.

Viewing 2 replies - 1 through 2 (of 2 total)

  • Hi @bjf2000

    Thanks for reaching out!

    By default, WP only auto-updates plugins twice a day — so depending on when wp-cron jobs are scheduled, it’s still possible that there’s a 12-hour window when the auto-update has not run, so on many sites, we’d still send the notice.

    If 24-hour/12-hour WP cron jobs on a given site happen to run nearly at the same as Wordfence’s scans or daily cron jobs, then the update may have already run by the time the scan results are sent.

    I have passed this along to the developers, however, I cannot provide a timeline on when this will be implemented.

    Please let me know if you have any other questions and I will be happy to help!

    Thanks,

    Joshua

    Thread Starter bjf2000

    (@bjf2000)

    Oh, that’s interesting and really good to know, thanks. In that case, how you’re doing it is appropriate. We must still be updating most another way and it’s much faster.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Suggestion regarding some Wordfence email alerts’ is closed to new replies.