
Maybe someone had the same problem? I’m using WordPress sites and getting the following error in my metrics. I’ve already deactivated Auto Updates on Softaculous, so now I get fewer errors, but I still couldn’t understand these ones:

[Fri Apr 16 11:57:30.115119 2021] [:error] [pid 4189499:tid 47071174346496] [client 193.106.30.100:51380] [client 193.106.30.100] ModSecurity: Warning. Match of "pmFromFile path_excludes" against "REQUEST_FILENAME" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/imunify360-full-apache/004_i360_4_custom.conf"] [line "905"] [id "77140992"] [msg "IM360 WAF: Suspicious access attempt (WP folders)!||SC:/home/optim085/rshestakov.com/wp-content/plugins/wp-file-manager||T:APACHE||REQUEST_URI:/wp-content/plugins/wp-file-manager/lib/files/hardfork.php||"] [severity "NOTICE"] [tag "service_i360custom"] [tag "noshow"] [hostname "rshestakov.com"] [uri "/wp-content/plugins/wp-file-manager/lib/files/hardfork.php"] [unique_id "YHlfii5NrBxmL1xubinBiwAAANE"]

Thanks in advance!

2 Answers


  1. OWASP ModSecurity Core Rule Set project here.

    This is an alert or a false positive alert from your commercial Imunify360 web application firewall. You should get in touch with the Imunify support to solve this for you. It’s a paid service after all.

  2. Like dune73 already mentioned, this is a message generated by Imunify360. It might well be legitimate, so first you need to check if it was you who triggered it or some unauthorized source.

    Check if your IP address is the same as the IP address mentioned in the error message. If this is the case it might be a false positive.
    Check whether there is a PHP warning in your error log saying something like:

    PHP Warning: POST Content-Length of 9852139 bytes exceeds the limit
    of 8388608 bytes

    Over the last few weeks I’ve seen this happening to several people who were trying to install a WordPress theme. If this is the case with you as well, you should probably check if upping the PHP limits helps to solve it. (To people who haven’t done this before: you can do this by either creating a .user.ini file or by altering a .php.ini file – depending on the setup of your server.)

    If this still fails you could try looking for the incident in the Imunify360 interface. If it’s in there you can whitelist it.

    I hope this helps. If you have any more questions please let me know!

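The two checks from the second answer (is the client address in the alert your own, and did that same client also hit PHP's POST size limit) can be scripted over the Apache error log. This is an added example, not part of the original thread and not Imunify360 tooling; the function names, sample log lines, rule ids and addresses are constructed, and the Apache prefix on the PHP warning line is an assumed format.

```python
import ipaddress
import re

# Constructed sample lines in the error-log layout shown in the question.
# Addresses, paths and rule ids are placeholders, not data from the thread.
SAMPLE_LOG = '''\
[Fri Apr 16 11:57:30.115119 2021] [:error] [pid 101:tid 1] [client 203.0.113.7:51380] [client 203.0.113.7] ModSecurity: Warning. Match of "pmFromFile path_excludes" against "REQUEST_FILENAME" required. [file "/etc/example/rules.conf"] [line "10"] [id "900001"] [msg "Example: suspicious access attempt"] [severity "NOTICE"] [hostname "example.test"] [uri "/wp-content/plugins/example/probe.php"] [unique_id "AAAA"]
[Fri Apr 16 12:03:02.000001 2021] [:error] [pid 102:tid 2] [client 198.51.100.20:40022] [client 198.51.100.20] ModSecurity: Warning. Pattern match. [file "/etc/example/rules.conf"] [line "20"] [id "900002"] [msg "Example: upload rule"] [severity "NOTICE"] [hostname "example.test"] [uri "/wp-admin/update.php"] [unique_id "BBBB"]
[Fri Apr 16 12:03:02.000050 2021] [php:warn] [pid 102:tid 2] [client 198.51.100.20:40022] PHP Warning:  POST Content-Length of 9852139 bytes exceeds the limit of 8388608 bytes in Unknown on line 0
'''

FIELD_RE = re.compile(r'\[(\w+) "((?:[^"\\]|\\.)*)"\]')  # [id "..."], [uri "..."]
CLIENT_RE = re.compile(r'\[client ([^\]\s]+)\]')
PHP_LIMIT_RE = re.compile(r'POST Content-Length of \d+ bytes exceeds the limit of \d+ bytes')

def client_ip(line):
    """Return the client address of one log line, or None if it has none."""
    tokens = CLIENT_RE.findall(line)
    if not tokens:
        return None
    token = tokens[-1]  # ModSecurity repeats the field; the last copy has no port
    for candidate in (token, token.rpartition(":")[0]):  # bare ip, then ip:port
        try:
            return ipaddress.ip_address(candidate)
        except ValueError:
            continue
    return None

def triage(log_text, my_ips):
    """Classify each ModSecurity alert by whether one of my_ips triggered it."""
    mine = {ipaddress.ip_address(ip) for ip in my_ips}
    lines = log_text.splitlines()
    over_limit = {client_ip(l) for l in lines if PHP_LIMIT_RE.search(l)}
    results = []
    for line in lines:
        if "ModSecurity:" not in line:
            continue
        fields = dict(FIELD_RE.findall(line))
        ip = client_ip(line)
        if ip not in mine:
            verdict = "not your address: treat as a real alert"
        elif ip in over_limit:
            verdict = "your request hit the PHP POST limit: raise the limit"
        else:
            verdict = "your address: possible false positive"
        results.append({"client": str(ip), "id": fields.get("id"),
                        "uri": fields.get("uri"), "verdict": verdict})
    return results
```

Call `triage(open(path).read(), ["<your public IP>"])` on the real error log; only alerts attributed to your own address are candidates for whitelisting.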