Unable to open /path-to/wp-content/wflogs/ips.php for reading and writing

  • Resolved felipelungov

    (@felipelungov)


    4 years, 11 months ago

    That message keeps showing up in my log every day or two. The file is not there. I tried removing the folder as I saw in another topic. The folder is later recreated, but the file is always missing. The folder permission is 644 and is owned by the user Cloudways creates for the WP installation.

    Cloudways user structure is a little bit messy, but as far as I understand if WF recreates the folder, I’m assuming it would assign its ownership to a user that it can later use to modify files inside that folder. So my main suspicion here is that WF is not including the file when it creates the folder, nor is it trying to create it when it generates the message above.

    • This topic was modified 4 years, 11 months ago by felipelungov.
Viewing 8 replies - 1 through 8 (of 8 total)
  • Plugin Support wfphil

    (@wfphil)

    Please check that the directory below has standard permissions of 0755:

    ~/wp-content

    Now check that the directory below has permissions of 0755 or 0775, since some hosting providers depend on the server group being able to write the firewall files rather than the file owner:

    ~/wp-content/wflogs

    If the permissions are correct then typically this situation will occur if the user/group owner is different on the Wordfence wflogs directory than the user WordPress is running as on your site.

    If you check on the Diagnostics tab on the Wordfence Tools page, you’ll see a section there called PHP Environment and in there a Process Owner will be specified. Make a note of the Process Owner.

    You may need to ask Cloudways for assistance for the next part.

    If you click on the wflogs directory in an FTP client you may be able to see an owner that has user/group ownership for the wflogs directory. You may see numbers instead of the Process Owner shown on your Wordfence Diagnostics page. This doesn’t mean that the ownership is incorrect. If that happens then you can login to the server via a SSH (secure shell) command line utility. Check that the owner for the user/group is the same as the Process Owner from your Wordfence Diagnostics page.

    If they are different then Wordfence can’t read and write correctly to the wflogs directory. This can occur if there is a server side cron job on the server that is set up to trigger wp-cron.php (WordPress scheduled tasks) via PHP. If this is the case, that server side cron job can be changed to run via cURL or WGET instead of directly via PHP. This will make WordPress cron run more like it was intended by WordPress developers, and it will prevent the wflogs directory files from getting the wrong “user/group” ownership.

    If WordPress cron jobs are not being run via a server cron job then it appears that there are problems either with file and / or directory permissions or ownership and Cloudways will need to fix that for you.

    Thread Starter felipelungov

    (@felipelungov)

    Hi @wfphil, thank you for your through response!

    – wp-content is 0775

    – wflogs is 0755

    – The process owner seen in Diagnostics is the same as the wflogs owner seen in FTP, but not the same owner of wp-content.

    – Up until yesterday, the sites were starting cron jobs from within WP. Since then, from an external server side cron job on wp-cron.php. In both time frames I have been getting the message in the error log. I can switch it back for testing, but it doesn’t seem to make a difference in my case.

    I just changed wflogs to 775, let’s see if Cloudways is one of the hosting providers you mentioned. We will only know if it worked tomorrow morning when the cron job runs again as I couldn’t identify the cron job in the upcoming list.

    Thanks again!

    Thread Starter felipelungov

    (@felipelungov)

    Hi,

    I am still getting the message. I am changing cron jobs back to WP default, although like I said that is how they were running before. We will find out the results tomorrow morning.

    If I still get the message, we need to look elsewhere. Is there a check that is done before creating that file? Is it created together with the wflogs folder or at a later time?

    Thread Starter felipelungov

    (@felipelungov)

    I have tried everything in you list, and I still get the error message. And the file is not there either. What else can we try?

    Is there any check that is done before creating that file? Is it created together with the wflogs folder or at a later time?

    Thread Starter felipelungov

    (@felipelungov)

    I manage to find a solution for this:

    https://www.wordfence.com/help/firewall/mysqli-storage-engine/

    Ever since I have defined that constant, I haven’t seen the error messages anymore. It is sad that, as explained, performance will not be as good. That is something to think about before signing up for Cloudways or some other hosting provider with strict permission policies.

    Plugin Support wfphil

    (@wfphil)

    Hi Felipe,

    Thank you for the updates.

    The constant below may have helped but I see that you have switched to the MySQLi storage engine instead:

    define('WFWAF_LOG_FILE_MODE', 0660);

    https://www.wordfence.com/help/advanced/constants/#web-application-firewall-waf

    Thread Starter felipelungov

    (@felipelungov)

    Hi, after I messaged you I realized that switching to the MySQLi storage engine has caused an even greater amount of notices in my logs, so I switched back and I am now looking for a new hosting company where I can better control file permissions.

    Plugin Support wfphil

    (@wfphil)

    Hi @felipelungov

    Thank you for the update.

    If you need assistance please let me know.

Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘Unable to open /path-to/wp-content/wflogs/ips.php for reading and writing’ is closed to new replies.