gabier2

Thank you nintechnet for answering,

but it did not work.
Yesterday night as you suggested I changed the path in the exclusion list to
/wp-content/wflogs/

and to-day at 15:19 I received again alert for files changes

== NinjaFirewall File Check (diff)
== https://www.chomage-et-monnaie.org
== Fév 14, 2021 @ 14:18:40 +0100
[+] = Nouveau fichier      [!] = Fichier modifié      [-] = Fichier supprimé
[!] /home/chomagee/www/wp-content/wflogs/config-synced.php
[!] /home/chomagee/www/wp-content/wflogs/rules.php
[!] /home/chomagee/www/wp-content/wflogs/config-transient.php
[!] /home/chomagee/www/wp-content/wflogs/config-livewaf.php
[!] /home/chomagee/www/wp-content/wflogs/ips.php
[!] /home/chomagee/www/wp-content/wflogs/.htaccess
[!] /home/chomagee/www/wp-content/wflogs/config.php
[!] /home/chomagee/www/wp-content/wflogs/attack-data.php

???
?? gabier

Hello nintechnet,
Indeed the site had crashed! You noticed it before me !! My first task was to restore it. Fortunately it does not change very often, I can use the automatic backups of my ISP.
I try now to find the error logs. I haven’t succeeded yet

Hello nintechnet,
Thank you for your patience.
I could not reproduce the error in the console, but never mind, I can de-activate Wp All Import or even uninstall it because I do not need it often.
When deactivated, I tried to go through ninja tuning. I clicked on “Activate Full WAF” and I had again the option page.
As you suggested I chose “Je veux faire les changements moi-même” (I want to do all changes myself” and I had to insert .user.ini file in the www folder of the site.
But when clicking on “Finish” I had an error
“Erreur : Le serveur HTTP a retourné le code d\’erreur suivant : “500 Internal Server Error”.
Approximate translation : “Error: the HTTP server has returned the following error code :’500 internal Server Error'”
I found somewhere that such an error can be cause by a bad option in the .access file. That is why I post below my .access file.

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress

Options -indexes
ServerSignature Off

SetEnv PHP_VER 5_5

<Files ~ "^.*\.([Hh][Tt][Aa])">
order allow,deny
deny from all
satisfy all
</Files>
 
<files wp-config.php>
order allow,deny
deny from all
</files>

# Wordfence WAF
<Files ".user.ini">
<IfModule mod_authz_core.c>
	Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
	Order deny,allow
	Deny from all
</IfModule>
</Files>

# END Wordfence WAF

I did that but nothing appeared at the console when I clicked on the “Activate the Full WAF Mode” button in the Ninja Dashboard page.
I have not inserted any js code in this site. As for the CSS what do you mean by “messing with the CSS code ” ?
?? gabier2

Yes nintechnet, the button looks OK and can be clicked, but nothing happens.
Here is the result of the script

NNinjaFirewall (WP edition) troubleshooter
HTTP server : Apache
PHP version : 7.2.31
PHP SAPI : CGI-FCGI

auto_prepend_file : none
wp-config.php : found in /home/jfgaleri/www/wp-config.php
NinjaFirewall detection : NinjaFirewall WP Edition is loaded (WordPress WAF mode)

Loaded INI file : /usr/local/php-config/7.2/php-cgi.ini
user_ini.filename : .user.ini
user_ini.cache_ttl : 300 seconds
User PHP INI : none found

DOCUMENT_ROOT : /home/jfgaleri/www
ABSPATH : /home/jfgaleri/www/
WordPress version : 5.5
WP_CONTENT_DIR : /home/jfgaleri/www/wp-content
Plugins directory : /home/jfgaleri/www/wp-content/plugins
User Role : Administrator
User Capabilities : manage_options: OK – unfiltered_html: OK
Log dir permissions : /home/jfgaleri/www/wp-content/nfwlog dir is writable
Cache dir permissions : /home/jfgaleri/www/wp-content/nfwlog/cache dir is writable

NinjaFirewall (WP edition) troubleshooter v1.9.1

?? gabier

Thank you Neil,
I understand that if not specified else, CF7 uses for fonts the “body” CSS parameters in the “style.css” file.
I added some CF7 CSS stuff in my style.CSS as explained in your “Styling Contact Form”

/* Contact Form */
.wpcf7 {
	color:black;
	margin : 0 auto 0.5em 0.3em;
	font-size:1.3em;
}

And it did the trick.
Problem solved

Hello,
Thanks for help, I sent the report but the issue seems to have vanished. I have been busy for a couple of days and when I went to my wordfence page, the error panel was not there anymore. A new scan did not find any issue.
Maybe we wait for another occurence.

?? gabier

Hi apsolut,

The importer V2 works. No time limit. One must indeed delete the old importer. If you don’t, the old one is used !!!
It is not perfect yet. When the receiving configuration has no registered users, authors are not imported as authors but as suscribers, I wonder why this is. The solution is to create first the authors and then import. But if you have many authors, it is not easy anyway.
Also some authors are not imported at all or are “not found”, especially for comments.
But I consider my problem is solved. Thank you for help.

?? gabier

P.S. I did not try the “local by Flywheel” because on my sites (the remote one and the clone), I have applications running outside wordpress, thus I prefer to have a full local server.

• This reply was modified 7 years, 5 months ago by gabier2.

Thank you for reply,
I understand it is not possible to modify your log.
I can “exclude files from WF scan that match wildcard patterns” I entered “/nfwlog/”.
It may work.
?? gabier