Hi @eurisko,
May I ask which processes seem to be causing the server to fail? We’re happy to see error log entries or other diagnostics you’ve used to find them. Feel free to partially censor any paths that identify your website or server.
I’ve not seen an issue like this with using the noabort code before, so it might be helpful to us in deciding whether something can be done on the server to prevent the hanging processes. I appreciate manually altering files on a regular basis isn’t ideal.
Many thanks,
Peter.
Hey Peter.
The error happened back in early December last year. The website is fairly heavy, since it uses Elementor and WooCommerce. Near the begining of December we had the server fall over once or twice. Giving us a 503 Service Unavailable error. Each time I think I ended up fixing it by running the following command: pkill -9 -u <username> as it would kill all hanging processes.
After the 3rd time though, I went into check the resources in top and there was one proccess running at 90 %CPU and had been running for a couple of hours. top only gives us the Command name which is lsphp (LiteSpeed PHP, I think). So it’s hard to tell what process this was, only that it was using PHP.
We did a couple of things to improve the server like double all resources. I also ran pkill again and commented out the noabort code from the htaccess. We haven’t had any issues since. We were able to return the resources back to their original state at the begining last month without issues.
Regards,
Brendan Gilet
The hosting providers have recommended that we use the following .htaccess Rewrite rule instead:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_URI} ^/wordfence-waf\.php$
RewriteRule .* - [E=noabort:1]
</IfModule>
I’m not very proficient in writing Rewrite Rules, but would that work?
Hi @eurisko,
Unfortunately that code would be ineffective. The Wordfence scan that requires noabort to prevent timeouts is scanning all of your files site-wide for threats and not just the wordfence-waf.php, which is related to the firewall portion of the plugin. It might be more effective to test the following:
<IfModule LiteSpeed>
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule ^wp-admin/admin-ajax\.php$ - [E=noabort:1,E=noconntimeout:1]
RewriteRule ^wp-cron\.php$ - [E=noabort:1,E=noconntimeout:1]
</IfModule>
</IfModule>
Those files will be used frequently during the scan, although I can’t guarantee it’ll solve the problem due to the unknown reason for lsphp needing to be killed manually.
You can also exclude paths from the Wordfence scan in Wordfence > All Options > Advanced Scan Options > Exclude files from scan that match these wildcard patterns. If there are any particularly large folders created by caching plugins, or containing content such as images that can’t be altered by regular site users, you could add those to try cutting the scan time.
If the above rewrite code makes no difference. It could help us to send a diagnostic report to wftest @ wordfence . com from the top of the Wordfence Tools > Diagnostics page. Click on “Send Report by Email”. Any configuration errors or server-specifics that we’re not aware of might help.
Please add your forum username where indicated and respond here after you have sent it as the inbox is not monitored.
Many thanks,
Peter.
Hey Peter,
Letting you know that the code above works correctly. We’ll slowly roll out the code across our websites and monitor for hanging processes.
Thank you for your help!
Regards,
Brendan Gilet
