LFD errors | WordPress.org

linkup
(@linkup)

8 years, 10 months ago

I know this was address in another topic, but I didn’t care for the bandaid support option that was given.

https://wordpress.org/support/topic/help-with-csf-firewall-removing-lfd-process-check-for-wf/

The suggestion was to tell CSF to ignore Wordfence. I don’t think the security of the server should have to be compromised so a plugin can work. Furthermore, making a user go into the root of their server to accomplish this. Most users won’t have access to root and most users when asking their host to make exceptions for their applications will be told to take a hike.

I am getting hundreds of errors caused by Wordfence and it seems the better solution might be to get rid of Wordfence for a product that doesn’t make you bypass security or make root level changes to accomplish that

Viewing 4 replies - 1 through 4 (of 4 total)

Thread Starter linkup
(@linkup)

8 years, 10 months ago

I found through the CSF dashboard that you can modify the csf.pignore file to have it ignore what Wordfence is doing, but that topic, marked as resolved, never provided suggested lines to add to CSF.pignore? My hosts added a similar line for spamd, but that was a process, a cmd, not whatever it is that is causing the constant LFD errors.

Anyone had to deal with this, anyone know what exclusions to add to the file?

Thanks

davert318
(@davert318)

8 years, 9 months ago

I am wondering the same.

Sean Michaud
(@seismicpixels)

8 years, 8 months ago

Because the command line is wp-cron.php you’d either have to ignore something like
cmd:/usr/bin/php /home/*/public_html/wp-cron.php (which is probably bad since it’ll stop notifications on every script running with wp-cron) OR check out the Uptime in your notifications and set PT_LIMIT to something higher. You may still get some notifications, but they’ll be a lot less.

CSF states the following with the PT_LIMIT:
“The following is the number of seconds a process has to be active before it
is inspected. If you set this time too low, then you will likely trigger
false-positives with CGI or PHP scripts.”

davert318
(@davert318)

8 years, 8 months ago

Thanks. That’s good to know — both parts!

Viewing 4 replies - 1 through 4 (of 4 total)

The topic ‘LFD errors’ is closed to new replies.

Tags

CSF

5 replies
3 participants
Last reply from: linkup
Last activity: 8 years, 8 months ago
Status: not resolved