Hello @netcentsii,
Sorry you’re having this issue.
May I ask you to follow these steps in order to provide us with additional info?
Also, if you have access to them, could you please check the web server logs?
Note that some log files might be available in the Log Files (Error messages from WordPress core, plugins, and themes) section on the “Wordfence –> Tools –> Diagnostics” page
Alternatively you could also enable the WordPress debugging feature.
1. Adjusted the max_execution_time to 15 as instructed, reran SCAn, no significant change.
2. Adjusted the max_execution_time to 24 which is 80% of diagnostics page value.
Scans went further then stalled at step “Scanning for unknown files in wp-admin and wp-includes.”
[Apr 27 14:40:09] Preparing a new scan. Done.
[Apr 27 14:40:09] Remote scan of public facing site only available to paid members Paid Members Only
[Apr 27 14:40:11] Check if your site is being Spamvertized is for paid members only Paid Members Only
[Apr 27 14:40:13] Checking if your IP is generating spam is for paid members only Paid Members Only
[Apr 27 14:40:15] Checking if your site is on the Google Safe Browsing list is for paid members only Paid Members Only
[Apr 27 14:40:17] Checking for the most secure way to get IPs Secure.
[Apr 27 14:40:18] Fetching core, theme and plugin file signatures from Wordfence Success.
[Apr 27 14:40:19] Fetching list of known malware files from Wordfence Success.
[Apr 27 14:40:20] Comparing core WordPress files against originals in repository
[Apr 27 14:40:20] Comparing open source themes against ww.wp.xz.cn originals
[Apr 27 14:40:20] Comparing plugins against ww.wp.xz.cn originals
[Apr 27 14:40:20] Scanning for known malware files
[Apr 27 14:40:20] Scanning for unknown files in wp-admin and wp-includes
.htacess file modified, now includes:
text/x-generic .htaccess ( UTF-8 Unicode English text )
# BEGIN s2Member GZIP exclusions
<IfModule rewrite_module>
RewriteEngine On
RewriteBase /
RewriteCond %{QUERY_STRING} (^|\?|&)s2member_file_download\=.+ [OR]
RewriteCond %{QUERY_STRING} (^|\?|&)no-gzip\=1
RewriteRule .* – [E=no-gzip:1]
</IfModule>
# END s2Member GZIP exclusions
# BEGIN litespeed noabort
<IfModule rewrite_module>
RewriteEngine On
RewriteRule .* – [E=noabort:1]
</IfModule>
# END litespeed noabort
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /sandbox
RewriteRule ^index\.php$ – [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
# Wordfence WAF
<IfModule LiteSpeed>
php_value auto_prepend_file ‘/home/wtradio/public_html/sandbox/wordfence-waf.php’
</IfModule>
<Files “.user.ini”>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
Order deny,allow
Deny from all
</IfModule>
</Files>
# END Wordfence WAF
# php — BEGIN cPanel-generated handler, do not edit
# Set the “ea-php54” package as the default “PHP” programming language.
<IfModule mime_module>
AddType application/x-httpd-ea-php54 .php .php5 .phtml
</IfModule>
# php — END cPanel-generated handler, do not edit
Hi @netcentsii,
Please have a look at these suggestions.
@netcentsii,
In case you’re still experiencing the issue, could you please:
- Go to the Wordfence Tools page
- Click the Diagnostics tab
- Scroll down to the Send Report by Email section
- Send the report to yann[at]wordfence[dot]com
Also could you try and enable the debugging mode, start a new scan and paste here the last 20 lines or so of the activity log?
