nintechnet

Your host is using Linux Malware Detect?engine only, but they added their own signatures. False positives can occur sometimes, specially when scanning files belonging to security applications (firewall, antivirus).

It looks like the site returns some characters when the profiler connects to the admin AJAX ednpoint (/wp-admin/admin-ajax.php).

Can you try to open your browser’s console ( CTRL + Shift + J ), click on the “Start profiling” button and see if there’s any error? You can also check the result of the AJAX request in the console “Network” tab (you can filter on the admin-ajax substring). That will show you the response to the HTTP request.

The file isn’t infected, that’s a false positive.
Which rule in your malware scanner flags it ?
You can exclude the file from maldet. See # maldet --help

• This reply was modified 2 months ago by nintechnet.

It’s definitely one of the two options that are on the top of my todo list. However, that’s very tricky to do, due to the complexity of the profiler. I hope to have something like that available soon, but can’t tell you when yet.

Can you ask your host how/where to add the PHP auto_prepend_file directive? That’s very odd that it stopped working with PHP 8. Or maybe there’s a new option in your hosting admin panel where you can add the directive?

If you can’t whitelist the folder ( /wp-content/nfwlog/ ), you can change its location. See “Path to NinjaFirewall’s log and cache directory” at https://blog.nintechnet.com/ninjafirewall-wp-edition-the-htninja-configuration-file/

Can you add the directive for PHP 8 to your .htaccess and then run the troubleshooter script:
https://nintechnet.com/share/wp-check.txt

Check the PHP error log, it will show what that error is about.
If you don’t have a PHP error log, you need to enable debugging in WordPress:

1. Edit your wp-config.php file.
2. Search for:
   define('WP_DEBUG', false);
3. Replace with:
   define('WP_DEBUG', true);
4. Add this line below:
   define( 'WP_DEBUG_LOG', true );

Try to enable the firewall until you get the error and then check the log that will be saved to “/wp-content/debug.log”.

Sure, you can use any PHP code.
Maybe you can rely on the$_SERVER['SERVER_NAME'] environment variable? For instance:

<?php
if ( strpos( $_SERVER['SERVER_NAME'], 'first_domain.tld') !== false ) {

   // Load first_domain.tld wp-config.php

} elseif ( strpos( $_SERVER['SERVER_NAME'], 'second_domain.tld') !== false ) {

   // Load second_domain.tld wp-config.php

}

Thanks for the suggestion.
We’ll try to add an option to select the sorting order.

We are not allowed to provide support for the Premium version of NinjaFirewall here on www.remarpro.com, so please connect to your account and send your message from there: https://secure.nintechnet.com/login/

It seems it is not fixed yet, you’d need to let them know.
In the meantime, try to log out of WordPress and log in back again, but I don’t think that will solve the problem.

The /opt folder is available in all Linux distributions, but you need to be root, the admin, to access it. As that is a shared server, I recommend you contact your host and show them the error message and tell them that it happens when a PHP script calls session_start().

Can you make sure that PHP can access (read/write) the /opt/alt/php83/var/lib/php/session/ folder ? It seems it can’t access it, which would mean that’s a permissions issue. Did you update PHP lately?

• This reply was modified 3 months ago by nintechnet.

Can you enable debugging in WordPress and see if there’s anything written to the PHP error log?

1. Edit your wp-config.php file.
2. Search for:
   define('WP_DEBUG', false);
3. Replace with:
   define('WP_DEBUG', true);
4. Add this line below:
   define( 'WP_DEBUG_LOG', true );

Try to run the scanner until you get the error and check the log that will be saved to “/wp-content/debug.log”.