[DEFENDER] issues from scan back again and again from ignored

Using defender on website *****.org and we got notifications on 8/9 11/14 and then again on 12/3 all for the same folders and files from files scanning.
We ignore those files and folder and they back again and again from ignored to issue tab.

  • Ash
    • WordPress Hacker

    Hello James Squires

    Do you have redis cache on your server? If so, would you please disable that and give one more try?

    If you still get the same issue, would you please enable debug mode and check if there is any error? To enable debug mode please go to wp-config.php and change

    define( 'WP_DEBUG', false );

    to

    define( 'WP_DEBUG', true );
    define( 'WP_DEBUG_DISPLAY', false );
    define( 'WP_DEBUG_LOG', true );

    Now, ignore those files again. That will may create a file called debug.log inside wp-content folder. Open that file, check the very bottom and you will see the latest errors. Please send me those.

    Have a nice day!

    Cheers,
    Ash

  • James Squires
    • WPMU DEV Initiate

    Hello again,

    There is nothing to debug in this issue as the Defender DOES indeed marked the files as ignored. However at a later date the scan will return those same files and report them - so we have to mark them ignored again - and again. Shouldn't they stay marked as ignored after the first time?

    Thanks -

  • Nithin
    • Support Wizard

    Hi James Squires,

    Shouldn't they stay marked as ignored after the first time?

    Yes, the plugin shouldn't list files which are marked as ignored in the File Scan results. I did test in my servers to see whether I could replicate any similar issue but it seems to work fine with old sites where the files marked as ignored still seems to be Ignored.

    It's odd that the same files do get listed again in your side. When I checked your dashboard, I could notice there aren't any files listed under Issues, and Ignored tabs at the moment.

    I suppose it's because of the Scan types disabled in the Defender side as seen in the following screenshot:

    Could I know any specific reason to disable the above options? Is it due to the issues noticed on the ticket? I could notice if the scan was performed with all the above options disabled, and then re-enable the options again, and re-scan it the ignored files would get listed. Were any of those options enabled/disabled before noticing such anomalies?

    Other than that, there isn't any instance I could replicate similar issues in general. I tried to run a Defender scan, but I'm noticing 500 error in the console, and the scan not completing so wasn't able to test further.

    Could you please make sure the server has enough memory resources, at least to the following values:

    upload_max_filesize = 128M
    post_max_size = 256M
    memory_limit = 512M
    file_uploads = On
    max_execution_time = 300

    To check the current server resources, you can create a file called info.php in the root folder, and add the following code:
    <?php phpinfo(); ?>

    Once done, open the info.php via the browser address bar, like:
    yourwebsiteURL.com/info.php

    Which should list the values for memory_limit etc. Please make sure there are enough server resources, and if not, you can follow this article on how to increase the resources:
    https://premium.wpmudev.org/blog/increase-memory-limit/

    Please do let us know how that goes so that we could give a closer look at the "ignored" files issue. Have a good day ahead.

    Best Regards,
    Nithin

  • James Squires
    • WPMU DEV Initiate

    Hello again,

    Yes on some of our websites we turned off the scans to stop the actions from repeating.
    I am not sure which web site you looked at. We have a lot of them.
    Because of this we had to turn off the reports as we kept getting email reports of files that needed to be ignored again.
    I will see if I can get some time to chase this down.

  • Nithin
    • Support Wizard

    Hi James Squires,

    I am not sure which web site you looked at. We have a lot of them.
    Because of this we had to turn off the reports as we kept getting email reports of files that needed to be ignored again.
    I will see if I can get some time to chase this down.

    We were checking the reported website which was hempsxxxxxxxx.org. Please do follow up when you have time to give a look regarding this so that we could check further if needed.

    Have a nice day ahead.

    Regards,
    Nithin

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.