• Resolved hilbertknl

    (@hilbertknl)


    I saw a few other topics on this forum stating the same problem, but nobody posted their solution.

    Recently we migrated all of our websites to a new Direct Admin server. Since then, existing but also new websites cannot receive the newest Wordfence rules. This is kinda weird for me.

    Message when updating manually:

    Geen regels geüpdatet. Controleer of je rechten hebt om te schrijven naar de folder /wp-content/wflogs.

    I already checked the permissions on the folder. This is always 755 (rwx-rx-rx).

    I already tried to disable all firewall settings (internal in Direct Admin) and in the router.

    I already checked the rules.php file in the wflogs folder. On existing installations, no rules were added. On new installations, the file does not get filled.

    I already enabled WP_DEBUG but no logs were added to the file.

    Are there other aspects I can check to solve this problem?

    Kind regards,
    Hilbert

Viewing 6 replies - 1 through 6 (of 6 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @hilbertknl, thanks for reaching out to us.

    If you’re not seeing permission failures to either your database or files reported on your Wordfence > Tools > Diagnostics page, also check for communication failures via IPv4.

    It’s also worth checking that in addition to 755 permissions on your WordPress site’s directories, the process owner is also www-data.

    If you experience persistent problems with the rules.php file, you can bypass this entirely by setting Wordfence to write to the MySQLi storage engine instead of a file: https://www.wordfence.com/help/firewall/mysqli-storage-engine/

    Let me know what you find out!
    Peter.

    @hilbertknl What is the OS/Distro where DA is installed?

    • This reply was modified 1 year, 4 months ago by yorkki.
    Thread Starter hilbertknl

    (@hilbertknl)

    Hello @wfpeter ,

    In the diagnostics page, I find two red-marked items:
    Process Owner is unknown, that should not be a problem according to Wordfence.com.
    The second is “Connecting to Wordfence servers (http)”: wp_remote_post() test to noc1.wordfence.com failed! Response was: cURL error 28: Failed to connect to noc1.wordfence.com port 80: Connection timed out

    I tried to ping this address; from the server it indeed fails to connect. On my local machine it pings indefinitely with a timeout.

    On the server I tried to disable the firewalls but it seems like we are blocked by Wordfence’s servers. Is there a possibility for this to happen?
    We use 7 different servers with different outgoing IPs. The IPs of two servers: 85.10.138.87 and 85.10.138.135.

    @yorkki the distro is AlmaLinux 9.

    Hi @hilbertknl, as I thought.

    sha1 is disabled by the default crypto-policy on Alma and Rocky, so to get rules updating again, you need to enable it.

    update-crypto-policies --set DEFAULT:SHA1

    If you run that command and reboot the server, rules should update within next 30 minutes or so.

    P.S. Google the command first and make sure you understand what it does and if it affects anything else you might have on the server. Test this on a non-prod server first, if possible. Good resources are here and here. So until WF updates their end…

    • This reply was modified 1 year, 4 months ago by yorkki.
    Thread Starter hilbertknl

    (@hilbertknl)

    @yorkki thank you so much! Fixed the problem on all of our servers. I hope WF will update this in the near future…

    @hilbertknl No worries, glad to help. If and when WF updates this, remember to revert / disable sha1 (optional, but recommended). You may even disable it now, if all of your WP sites have updated rules. The problem again is that new rules and sites won’t update. Anyways, to revert/disable sha1 type:

    update-crypto-policies --set DEFAULT and reboot.

    @wfpeter Hi Peter, I sent you an e-mail about this. Could you WF guys take a look at this issue please? It’s, to say the least, an annoying problem on all RHEL9. Here is another post about it. And now that many CentOS’s are being updated / migrated to other RHEL9 distros, more and more rules are not updating, without people even knowing about it.

    Cheers,

    BR, – Yorkki
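
A read-only check to run before and after the policy change described in the replies above, as an added example that is not from the thread or from Wordfence: it reports the active crypto policy and probes whether the local OpenSSL accepts SHA-1 signatures. The function names are hypothetical; it assumes `update-crypto-policies --show` and the `openssl` CLI are present, and that SHA-1 signature support is what the rule update depends on.

```shell
#!/bin/sh
# Added example, not from the thread: read-only check of SHA-1 signature support.

# policy_allows_sha1 POLICY  (hypothetical helper)
# Succeeds if the policy string BASE[:SUBPOLICY...] is LEGACY-based or carries
# the SHA1 subpolicy, e.g. "DEFAULT:SHA1". "DEFAULT:NO-SHA1" does not match.
policy_allows_sha1() {
    base=${1%%:*}
    subs=${1#"$base"}                 # ":SHA1", ":NO-SHA1", or empty
    [ "$base" = "LEGACY" ] && return 0
    case "$subs:" in
        *:SHA1:*) return 0 ;;
    esac
    return 1
}

# sha1_signing_works  (hypothetical helper; call it only as an if-condition)
# Signs and verifies a scratch file with a throwaway RSA key using SHA-1.
# Fails where the active policy makes OpenSSL reject SHA-1 signatures.
sha1_signing_works() {
    tmp=$(mktemp -d) || return 2
    printf 'probe' > "$tmp/msg"
    openssl genpkey -algorithm RSA -out "$tmp/key.pem" 2>/dev/null &&
    openssl pkey -in "$tmp/key.pem" -pubout -out "$tmp/pub.pem" 2>/dev/null &&
    openssl dgst -sha1 -sign "$tmp/key.pem" -out "$tmp/sig" "$tmp/msg" 2>/dev/null &&
    openssl dgst -sha1 -verify "$tmp/pub.pem" -signature "$tmp/sig" "$tmp/msg" >/dev/null 2>&1
    rc=$?
    rm -rf "$tmp"
    return $rc
}

report() {
    if command -v update-crypto-policies >/dev/null 2>&1; then
        policy=$(update-crypto-policies --show) || policy=unknown
        if policy_allows_sha1 "$policy"; then verdict="permits"; else verdict="does not permit"; fi
        echo "active policy $policy $verdict SHA-1 signatures"
    else
        echo "update-crypto-policies not found (not a RHEL-family host?)"
    fi
    command -v openssl >/dev/null 2>&1 || { echo "openssl not found"; return 0; }
    if sha1_signing_works; then
        echo "OpenSSL probe: SHA-1 sign/verify accepted"
    else
        echo "OpenSSL probe: SHA-1 sign/verify rejected"
    fi
}

report
```

If the probe still reports "accepted" after reverting to `DEFAULT`, the revert has not taken effect for new processes yet.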

  • The topic ‘Wordfence rules update failed’ is closed to new replies.