Scan by Defender Never Stops and Can't be stopped?

Hello Team

I kicked off a scan of my site yesterday afternoon.

I understand that if I navigated away from that page, the scan continues.

This morning, I went back to that page, and it looks like the scan is still going, although the progress indicator doesn't appear to have moved very much.

Question:

1. Is this normal?

2. When I cancel it by clicking on the cancel button, it doesn't seem to want to stop. Is this normal?

3. It appears to be slowing down my site, assuming that it is still running. How can I terminate the scan?

Thanks so much!

William

  • Adam Czajczyk

    Hello William,

    I hope you're well today and thank you for your question!

    The scan can take more or less time depending on your server config and the complexity of your site however it shouldn't take that long I think. It should also stop when you press the "Cancel" button.

    Would you mind if I took a look at your site and check Defender's debugging information? In order to do this I'd need to access your site via WPMU DEV Dashboard plugin. Here's an information on how to grant a support access for me:

    https://premium.wpmudev.org/manuals/wpmu-dev-dashboard-enabling-staff-login/

    Best regards,
    Adam

  • Shane

    I'm not sure if this is your problem but I have had similar issues with wordfence and it was due to the server being a litespeed server.

    To fix the issue i add the following to the .htaccess file and it fixes the issue.

    Quote
    -------------------------------------------------------------------------------------------------------------------

    The LiteSpeed web server has been known to kill or stop processes that take more than a few seconds to run. It does not stop these processes gracefully but simply kills them silently.

    When using software like Wordfence or backup software that needs a little more time to complete certain tasks, this can lead to problems. If you are using Wordfence's auto-update feature, this may lead to your site becoming unusable, if LiteSpeed kills an upgrade halfway through copying files.

    To prevent this you need to make a very simple change:

    Find your site's .htaccess file. This file usually lives in your website root folder. So it may be in a folder like public_html/.htaccess
    Open the file with a text editor.
    Find the line that says "# BEGIN WordPress" and add this code above it:

    # BEGIN litespeed noabort
    <IfModule rewrite_module>
    RewriteEngine On
    RewriteRule .* - [E=noabort:1]
    </IfModule>
    # END litespeed noabort

    This will tell LiteSpeed to not abruptly abort requests. It should allow your site to update correctly, allow Wordfence scans to run to completion, and it will also allow any backup plugins on your WordPress site to function without problems from timing out.
    --------------------------------------------------------------------------------------------------------
    End Quote

  • Hoang Ngo

    Hi @williampyeo,

    I hope you are well today.

    Defender will rely on WordPress cronjob, which mean if you turn of WP_Cronjob, or your site lack of traffic, the cronjob will not run properly => scan will likely paused.

    2. When I cancel it by clicking on the cancel button, it doesn't seem to want to stop. Is this normal?

    3. It appears to be slowing down my site, assuming that it is still running. How can I terminate the scan?

    Somehow yes, if you turn on automate scan, and if the time has come, the system will auto queue a scan, no matter what. You can turn of the automate scan, then stop the scan.

    If you have any additional issues, please let us know and we'll be happy to help.

    Best regards,
    Hoang

  • William

    Hi Hoang

    Thanks for the feedback.

    There is a new update today, and after updating and rerunning scan, it appears to be working much better without needing me to do anything on my end. What's changed?

    I also conveyed your feedback to hosting company, and here's the feedback:

    "
    [Mon Mar 21 12:04:20.025070 2016] [:error] [pid 25263] [client 66.162.212.19:26412] PHP Fatal error: Call to undefined method stdClass::save() in /nas/content/live/pctinytest123/wp-content/plugins/wp-defender/app/module/scan-module/component/class-wd-suspicious-scan.php on line 91, referer: http://pctinytest123.wpengine.com/wp-admin/admin.php?page=wdf-scan
    "

    Any reactions to what they found?

  • Adam Czajczyk

    Hello William!

    There's been some some fixes added with recent update of the plugin, including scan performance optimization for some servers. I think that's what helped here.

    As for the error. This means that the that the script was trying to insert some value to a null object/model. Most likely this wasn't a reason but rather a result of the issues you were experiencing.

    Best regards,
    Adam

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.