wfchar

Hi @rogue3ky,

Do you also have access to your MySQL logs, both error and the slow query logs if available? If so, could you send me a copy of today’s logs and your site’s PHP log for today if available (archived, please) to the email address above?

We’ve received the diagnostic report and are looking over it as well.

Thanks!

Hi @longliveking,

The files are likely being created by WordPress, not by Wordfence. Could you provide a list of the files you see in the /tmp/ directory? Also, could you go to Tools > Diagnostics and click “Send Report by Email”, send the report to [email protected], and fill in your forum username in the Forum Username field.

Thanks!

Hi @franck_b,

It’s certainly an interesting feature suggestion, and I’ll make sure it’s passed along to our developers to look into. Glad to see you aren’t having any more alerts!

Hi @mbsec,

I’ve shared your suggestion for whitelisting rate limiting with the development team for them to consider. Thanks for sharing it with us!

As for whitelisting your crawler, that does seem to be the best solution at this time. The other option would be to have your users increase their rate limits for crawlers enough to allow your crawler to function, but the IP address whitelist solution would be a better choice from a security and performance standpoint.

Hi @rogue3ky,

I’m sorry to see that you’re having to deal with repairing crashed tables — that’s annoying when you only have to do it once!

Can you please provide more information about how you’re performing the repair? Did this behavior start after performing any updates or adding new plugins?

Also, please go to Tools > Diagnostics and click “Send Report by Email” and fill in [email protected] for the email address and add your forum username to the Forum Username field. I’ll let you know once I’ve received it.

Thanks!

Hi Jae,

The error you’re describing seems to be a 500 error being thrown by the server indicating it doesn’t have enough resources available to handle processing all the requests being made of the system when you are visiting Appearance > Customize.

When you have the firewall enabled, are you seeing the same error for any other paths? This could be indicative of a more system-wide need for resources, rather than a particular need for a given path/plugin. If you have access to your server logs, or if your hosting offers support, you may want to check those logs as well to see if there’s any indication that you’re running out of resources and where. If the error is occurring anywhere else in your site, it could show up in the logs and give you a clearer idea of what may be causing the overload.

Hi @nokao,

This error is indicating that the table may have become corrupted. To try and repair the table:

1. In phpmyadmin, expand the wp database and scroll down to the wp_wfNet404s table.
2. In the “With selected” box, select Repair table. phpmyadmin will let you know if the repair is successful.

Let me know if this doesn’t successfully repair the table!

Hi @longliveking,

The files in the .tmp folder are likely being created when WordPress attempts to update a plugin and fails. It should be safe to delete these files; however, you should back them up first to be safe and contact Siteground to see if they can help you figure out either a way to maintain the tmp directory or see if they can assist with identifying where the update process is failing.

Let us know if you have any further questions!

Hi @davidbick01,

Since your credentials have been confirmed as correct, could you check and make sure that the files and folders for test.hanvecforum.fr have the correct owner and permissions?

If you have access to your server’s logs, you may want to see if there are any errors being reported related to accessing the filesystem for that site; it may help pinpoint where the issue is.

Hi @stanelly,

We’re not aware of any issues that should have effected the plugin’s ability to function around that time; are you still continuing to experience issues if you re-enable the plugin? If so:

• Please copy or screenshot the text of any warnings or errors that appear
• Go to Tools > Diagnostics and click Send Report by Email
• Send the report to [email protected]
• Include your forum username in the Forum Username field

If your site is continuing to experience issues after re-enabling, please disable the plugin after sending the diagnostic email and provide any messages seen.

Thanks!

Hi @bh007,

Could you please create a backup archive of the entire wp-content/wflogs folder and email it to [email protected]? Once that’s done:

• Delete the wflogs folder from the server
• Refresh any of the Wordfence plugin’s options pages — this regenerates the wflogs folder
• Switch the firewall to “Enabled and Protecting”

Once you’ve completed these steps, please let me know if you’re continuing to see the errors!

Hi @mveba,

We occasionally do see situations where Wordfence has been automatically deactivated due to a failed plugin update. To address this, you will need to:

Log in to your site using your FTP/SSH client
Remove the wordfence folder in wp-content/plugins
Reinstall Wordfence from the Plugins page in WordPress

You do not normally need to have the Wordfence Assistant, as it’s only needed to help resolve issues with Wordfence.

Are you still having issues with your login as well?

Hi @intermarketer,

The URLs reported include URLs that appear in files such as php and pdf files, in wp_posts, as well as any URLs that appear in comments. These can add up to hundreds of thousands of URLs on large sites; the numbers for yours don’t appear to be unusual.

Let me know if you have any further questions or concerns!

Hi @fileidol,

The message is your brute force protection notifying you that there was an attempt using the “admin” account and your server IP address. This type of message is very common as there are millions of login attempts made on WordPress sites every day, and is a sign that your protection is working.

If you’re the only one logging in to the site, you may want to enable “Immediately lock out invalid usernames”, which will help block faster. There’s also the “Immediately block the IP of users who try to sign in as these usernames” if you decide to use a different name for your administration account and make “admin” one that immediately triggers an IP block.

Let us know if you have any further questions or concerns!

Hi @linux4me2,

The “Exclude files from scan” functionality relates to the scan process and does not impact changed file notices. If you go to your All Options > Wordfence Global Options > Activity Report section, there’s a field labeled “List of directories to exclude from recently modified file list”; add your forum/cache/production folder here to have it excluded from your email summaries.

Let us know if you have any further questions or concerns!