Can you check in the wp_options* database table if there’s a nfw_checked option? That’s where the firewall stores the vulnerable plugins or themes found on your blog.
*If you changed your DB prefix, replace the wp_ with it.
The site where the warning is missing doesn’t have this option (row) and the other site that actually shows the warning has this option value:
a:1:{s:7:"plugins";a:4:{s:19:"jetpack/jetpack.php";a:1:{s:7:"version";s:3:"9.8";}s:25:"gtranslate/gtranslate.php";a:1:{s:7:"version";s:6:"2.8.65";}s:27:"woocommerce/woocommerce.php";a:1:{s:7:"version";s:5:"5.5.1";}s:27:"maintenance/maintenance.php";a:1:{s:7:"version";s:4:"4.03";}}}
Jetpack and Gtranslate are not installed anymore and Maintenance is already updated. I guess this list will be updated whenever the next insecure plugin was found?
What might be the reason that the option (row) doesn’t exists for that other site?
-Is the firewall’s cron job running? Install this plugin, activate it and go to “Tools > Cron Events”. Do you see a hook named nfwgccron?
If you don’t, go to the “Plugins” page, deactivate and reactivate Ninjafirewall. Then, check again in “Tools > Cron Events”.
-Can your site connect to ours? Check in the “NinjaFirewall > Dashboard” page if you see any error.
-Is that option enabled? Go to “NinjaFirewall > Event Notifications” and check the “Security updates” section.
Hi,
right the hook “nfwgccron” wasn’t active. Re-installing the NFW plugin solved the problem.
Maybe it’s an idea to create a check in NFW that the cron event is active. A dashboard warning would help a lot.
Right now I’m using NFW on more than 100 sites and during updates I check the NFW dashboard, but I’m not checking for all the cron events.
Thanks for your help.
The problem is that “nfwgccron” is the Garbage Collector, and its job is…to make sure everything is working, including other cron jobs.
So I’ll need to figure out how I can monitor it too. I’ll think about that.
Hi,
I noticed some updates recently. Are these related to this feature?
I have the idea that I got more emails after the update from all the websites (compared with the time before)
Yes, it was fixed, you can see that in the version 4.4.1 changelog:
NinjaFirewall will permanently monitor its scheduled tasks (cron) to make sure they are working. If they stopped, it would restart them and write the incident to its error log (which can be viewed from the “NinjaFirewall > Dashboard” page).
Thanks, that is the update what I meant.
It’s working perfectly now, nice work!
