Scan Hangs Before It Gets Really Started
-
I just installed Wordfence 6.0.15 on a site with a different server from the one on which I’ve successfully used Wordfence before.
The scan progress ends with:
[Sep 04 17:01:14]
Fetching core, theme and plugin file signatures from WordfenceAnd the log ends with:
[Sep 04 14:12:37:1441390357.000792:1:info] Contacting Wordfence to initiate scanI checked Start all scans remotely without effect.
I verified that Ajax is working OK with /wp-admin/admin-ajax.php
Lane
-
Near the bottom of the Wordfence Options page, try clicking the link “Click to test connectivity to the Wordfence API servers”. This should tell you if the site can connect successfully.
If the test says that it cannot connect, your host may need to fix curl or firewall options, to allow outbound connections, as described here:
Scan terminated with an error … connecting to Wordfence scanning serversIf the connection test works without problems though, can you turn “Start all scans remotely” back off, try a scan again, and post 10 lines of the bottom log?
Thanks for sticking with me on this. The connectivity test said this:
DNS lookup for noc1.wordfence.com returns: 69.46.36.8
STARTING CURL http CONNECTION TEST….
Curl connectivity test passed.STARTING CURL https CONNECTION TEST….
Curl connectivity test passed.Starting wp_remote_post() test
wp_remote_post() test to noc1.wordfence.com passed!Starting wp_remote_post() test
wp_remote_post() test to noc1.wordfence.com passed!Here is the whole log from when the scan started:
[Sep 04 14:12:37:1441390357.398378:2:info] Found 2 themes
[Sep 04 14:12:37:1441390357.396987:2:info] Getting theme list from WordPress
[Sep 04 14:12:37:1441390357.395686:2:info] Found 17 plugins
[Sep 04 14:12:37:1441390357.375809:2:info] Getting plugin list from WordPress
[Sep 04 14:12:37:1441390357.000792:1:info] Contacting Wordfence to initiate scanIt always goes no further, so it looks like a failure to connect with Wordfence.
Lane
Did you have the debugging option enabled? That might provide a little more detail. Also, set the “Maximum execution time for each scan stage” to 20.
tim
I just enabled debugging and 20 sec. Here are the most recent lines from the log from a new scan:
[Sep 06 12:20:41:1441556441.160461:4:error] gzinflate(): data error (2) File: /home/gacommor/public_html/wp-includes/class-http.php Line: 2136 [Sep 06 12:20:40:1441556440.709687:4:info] Calling Wordfence API v2.17:https://noc1.wordfence.com//v2.17/?v=4.3&s=http%3A%2F%2Fgacomm.org&k=b97fa046c2f357fd03468315c0986eb61291fe368d8e14af982a9b2682064a4e7314ea43e43a7675080f081f8e50a10900998cc5aacdfbe0fcf7997d0a679b33&action=get_known_files [Sep 06 12:20:40:1441556440.709272:10:info] SUM_START:Fetching core, theme and plugin file signatures from Wordfence [Sep 06 12:20:40:1441556440.692862:2:info] Found 2 themes [Sep 06 12:20:40:1441556440.691571:2:info] Getting theme list from WordPress [Sep 06 12:20:40:1441556440.689999:2:info] Found 18 plugins [Sep 06 12:20:40:1441556440.689448:2:info] Getting plugin list from WordPress [Sep 06 12:20:40:1441556440.452515:4:info] Calling Wordfence API v2.17:https://noc1.wordfence.com//v2.17/?v=4.3&s=http%3A%2F%2Fgacomm.org&k=b97fa046c2f357fd03468315c0986eb61291fe368d8e14af982a9b2682064a4e7314ea43e43a7675080f081f8e50a10900998cc5aacdfbe0fcf7997d0a679b33&action=log_scan [Sep 06 12:20:40:1441556440.452144:1:info] Contacting Wordfence to initiate scan [Sep 06 12:20:40:1441556440.451032:10:info] SUM_ENDOK:Scanning your site for the HeartBleed vulnerability [Sep 06 12:20:39:1441556439.952206:4:info] Calling Wordfence API v2.17:https://noc1.wordfence.com//v2.17/?v=4.3&s=http%3A%2F%2Fgacomm.org&k=b97fa046c2f357fd03468315c0986eb61291fe368d8e14af982a9b2682064a4e7314ea43e43a7675080f081f8e50a10900998cc5aacdfbe0fcf7997d0a679b33&action=scan_heartbleed [Sep 06 12:20:39:1441556439.951659:10:info] SUM_START:Scanning your site for the HeartBleed vulnerabilityLane
Can you try the troubleshooting steps in this document, and let us know what the “max_execution_time” was?
My scans don’t finish. What would cause that?I see the “gzinflate()” error, but it might not be related — I have seen this on at least one server that completes scans successfully. (WordPress itself hides the error, while it tests which type of compression was used for a connection, but apparently Wordfence still finds and logs it.)
max_execution_time is not found on the Wordfence diagnostic page.
I found a php.ini in public_html with this:
max_execution_time = 30I ran phpinfo.php on the site, and as expected, got this:
max_execution_time 30 30Following the instructions in the thread you provided, I set the max time per scan to 24. The results from the following scan are the same as before:
[Sep 07 07:35:15:1441625715.832599:4:error] gzinflate(): data error (2) File: /home/gacommor/public_html/wp-includes/class-http.php Line: 2136 [Sep 07 07:35:15:1441625715.287415:4:info] Calling Wordfence API v2.17:https://noc1.wordfence.com//v2.17/?v=4.3&s=http%3A%2F%2Fgacomm.org&k=b97fa046c2f357fd03468315c0986eb61291fe368d8e14af982a9b2682064a4e7314ea43e43a7675080f081f8e50a10900998cc5aacdfbe0fcf7997d0a679b33&action=get_known_files [Sep 07 07:35:15:1441625715.287000:10:info] SUM_START:Fetching core, theme and plugin file signatures from Wordfence [Sep 07 07:35:15:1441625715.283767:2:info] Found 3 themes [Sep 07 07:35:15:1441625715.281904:2:info] Getting theme list from WordPressLane
Above the “Scan Detailed Activity” box, can you click the “Email activity log” link, and enter my email address? It is: mattr (at) wordfence.com
There might be something else I can see in the full log, but it’s hard to say. The host may be limiting time or memory in a different way from usual, outside of php.ini, or suppressing error messages so it’s not showing you what is wrong.
If you know where to find your site’s error log, that might help as well. On some hosts it may be in the site root, and there may be a second one in wp-admin (often named “error_log”, but not always), or it may be in a folder of logs outside of your site’s folder.
Lane,
I haven’t found anything definite yet from the scan log you had emailed. I don’t think the errors about missing modules in the error_log file would cause it, but your host should fix those anyway.
One more thing to try: If you can temporarily enable WP_DEBUG, just long enough to complete a scan, you may get a more relevant message in your error log. To enable it, edit your wp-config.php, and look for the line:
define('WP_DEBUG', false);Change the false to true, and then try running the scan. Make sure afterward to set it to false again.
You might also need to ask your host if they have a proxy for outgoing HTTP requests from the server — it could be that the proxy is breaking the data that is coming back from the Wordfence servers.
I hate it when a client is using a hosting company I know nothing about. This client is using qualityhostonline.com, and I can’t log on for support. The reasons are too ridiculous to spell out, but fortunately I have an email address for support. Hopefully, I’ll be able to eventually file a ticket about the missing modules.
I was unable to try the false to true test you suggested. When I made the change and visited the wp-admin URL, instead of the logon screen, I got this mess:
Notice: wp_deregister_script was called incorrectly. Scripts and styles should not be registered or enqueued until the wp_enqueue_scripts, admin_enqueue_scripts, or login_enqueue_scripts hooks. Please see Debugging in WordPress for more information. (This message was added in version 3.3.) in /home/gacommor/public_html/wp-includes/functions.php on line 3622 Notice: wp_deregister_style was called incorrectly. Scripts and styles should not be registered or enqueued until the wp_enqueue_scripts, admin_enqueue_scripts, or login_enqueue_scripts hooks. Please see Debugging in WordPress for more information. (This message was added in version 3.3.) in /home/gacommor/public_html/wp-includes/functions.php on line 3622 Warning: session_start(): Cannot send session cookie - headers already sent by (output started at /home/gacommor/public_html/wp-includes/functions.php:3622) in /home/gacommor/public_html/wp-content/plugins/botblocker/botblocker.php on line 20 Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at /home/gacommor/public_html/wp-includes/functions.php:3622) in /home/gacommor/public_html/wp-content/plugins/botblocker/botblocker.php on line 20 Notice: Undefined index: cforms_smtp in /home/gacommor/public_html/wp-content/plugins/cforms/lib_aux.php on line 12 Notice: Undefined variable: smtpsettings in /home/gacommor/public_html/wp-content/plugins/cforms/lib_aux.php on line 15 Notice: Undefined index: cforms_showdashboard in /home/gacommor/public_html/wp-content/plugins/cforms/cforms.php on line 1677 Notice: Use of undefined constant ddsg_language - assumed 'ddsg_language' in /home/gacommor/public_html/wp-content/plugins/sitemap-generator/sitemap-generator.php on line 45 Notice: Undefined index: widgets in /home/gacommor/public_html/wp-content/plugins/cforms/cforms.php on line 1456 Warning: Cannot modify header information - headers already sent by (output started at /home/gacommor/public_html/wp-includes/functions.php:3622) in /home/gacommor/public_html/wp-includes/pluggable.php on line 1207Lane
Ah, that’s not good either! It looks like at least one theme or plugin caused trouble for a few others (the “session” and “cannot modify header” messages are probably ok without the first two issues) — but a number of the plugins had other issues, too.
I don’t think most of these would cause the scan issue directly, but if there are this many programming issues in the various plugins, one may be causing other problems. If you can temporarily disable all the rest of the plugins (and possibly even switch to a default theme like “twentyfifteen”), and try running a scan then, it may work. If it works, you can then enable one plugin at a time, and start a scan again, until you find the one that breaks it.
I know some themes don’t behave when they’re disabled and re-enabled, so I’m not sure if you want to test the theme. Some plugins also lose their settings, but most up to date plugins that I’ve seen don’t — but I’d still do this outside of peak hours of course, in case any of them need to be set up again.
Sorry it’s not working easily — if it’s a plugin conflict, those can be hard to troubleshoot since there are so many plugins available. If it still doesn’t work with everything disabled, there has to be something set up in a strange way at the host.
The topic ‘Scan Hangs Before It Gets Really Started’ is closed to new replies.
