[Defender] defender mixing up configs

Hi, today I added one site, removed one site. It seems that somehow defenders in sites mixing up configs. This is very bad I need to disable it for now:

[Thu Mar 22 06:08:29.988646 2018] [:error] [pid 18580] [client 49.229.57.8:24713] FastCGI: server "/var/www/clients/client3/web37/cgi-bin/php5-fcgi-*-443-flipaplate.eu" stderr: PHP message: PHP Fatal error: Class 'Hammer\\Base\\Container' not found in /var/www/clients/client3/web37/web/wp-content/plugins/wp-defender/vendor/hammer/bootstrap.php on line 28
[Thu Mar 22 06:09:00.347542 2018] [:error] [pid 21988] [client 34.196.51.17:21189] FastCGI: server "/var/www/clients/client3/web37/cgi-bin/php5-fcgi-*-443-flipaplate.eu" stderr: PHP message: PHP Warning: file_exists(): open_basedir restriction in effect. File(/var/www/clients/client4/web41/web/wp-content/plugins/wp-defender/vendor/hammer/base/container.php) is not within the allowed path(s): (/var/www/clients/client3/web37/web:disappointed:var/www/clients/client3/web37/private:disappointed:var/www/clients/client3/web37/tmp:disappointed:var/www/flipaplate.eu/web:disappointed:srv/www/flipaplate.eu/web:disappointed:usr/share/php5:disappointed:usr/share/php:disappointed:tmp:disappointed:usr/share/phpmyadmin:disappointed:etc/phpmyadmin:disappointed:var/lib/phpmyadmin:disappointed:var/www/clients/client5/web62/web/wp-content/plugins/wp-defender/) in /var/www/clients/client3/web37/web/wp-content/plugins/wp-defender/vendor/hammer/bootstrap.php on line 19, referer: https://www.flipaplate.eu/
[Thu Mar 22 06:09:00.347589 2018] [:error] [pid 21988] [client 34.196.51.17:21189] FastCGI: server "/var/www/clients/client3/web37/cgi-bin/php5-fcgi-*-443-flipaplate.eu" stderr: PHP message: PHP Fatal error: Class 'Hammer\\Base\\Container' not found in /var/www/clients/client3/web37/web/wp-content/plugins/wp-defender/vendor/hammer/bootstrap.php on line 28, referer: https://www.flipaplate.eu/

  • Dimitris

    Hello there Janos,

    hope you're doing good today and thanks for reaching us! :slight_smile:

    Hi, today I added one site, removed one site. It seems that somehow defenders in sites mixing up configs.

    What's the connection between these two sites, cause Defender should only affect .htaccess files of the site where's activated, nothing else.
    Please advise!

    Based on the error messages though, it seems to me that a open_basedir restriction is on effect, so this should be disabled.
    https://stackoverflow.com/a/34980645
    If this is too much for you, then contact your hosting provider and they should assist you with this in no time.

    If this is still an issue after above change, please grant support access to the website that was dealing with above errors, so we could have a better look.
    https://premium.wpmudev.org/docs/getting-started/getting-support/#chapter-5

    Looking forward for your results!
    Warm regards,
    Dimitris

  • Dimitris

    Hello there Janos,

    hope you're doing good today! :slight_smile:

    But why suddenly one defender installation from one site try to access an other site directory?

    Is this about nested websites in the server? For example, different WP installations in:
    - /public_html/
    - /public_html/another-site
    - /public_html/and-another-one

    I have experienced this and with File Scanning module of Defender. Main site was seeing folders of other sites and had to "ignore" them, but didn't have any issues with configurations.

    So, is this that some .htaccess rules in one site (root) are messing with nested ones? Even if this was happening, I think that the nested website .htaccess should have higher priority.

    Please advise!

    We tried this access thing in the past without any luck, your colleauge was not very familiar with SSH or so, couldnt connect.

    If you think that some server access could assist us better understand that, please send us your details through our safe contact form https://premium.wpmudev.org/contact/#i-have-a-different-question using this template:

    Subject: "Attn: Dimitris"
    - WordPress admin of affected sites (login url/username/password)
    - SSH/SFTP credentials (host/username/password)
    - link back to this thread for reference
    - any other relevant urls

    Keep in mind the subject line as ensures that it gets assigned to me.

    Warm regards,
    Dimitris

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.