Wordfence, a wordpress plugin, is interfering with a phpbb bulletin board for some reason. When I try to go into the ACP screen in phpbb, and re-authenticate, I get a wordfense error of "403 Forbidden: A potentially unsafe operation has been detected in your request to this site. Generated by Wordfence at..."
I have tried removing wordfence from every wordpress installation on the domain. I have tried reinstalling phpbb 3.2.7. This is happening on any domain I have with phpbb. All the domains are on mydomain.com.
I have contacted wordfence support and got no help. I have contacted mydomain.com and their techs are scratching their heads and still working on it.
phpbb Version: 3.2.7
Server Info:
MySQL Version: 5.6.32
PHP Version: 5.6
Platform: Debian
OPcache if configured for performance could cause this as .php files are not checked for deletion or changes. If you can get into the main page of the ACP purging phpBB's cache will conveniently trigger a purge of OPcache.
Cloudflare by default would not cause this as they do not cache .html, .php etc unless the user has explicitly made changes. You can always check the response header for CF-Cache-Status: HIT to see if it's cached by Cloudflare
That said I'd be looking at the documentation for wordfence, they must have the means to ignore directories outside of the WordPress install.
“Results! Why, man, I have gotten a lot of results! I have found several thousand things that won’t work.”
thecoalman wrote: ↑Tue Jun 04, 2019 11:23 pm
OPcache if configured for performance could cause this as .php files are not checked for deletion or changes. If you can get into the main page of the ACP purging phpBB's cache will conveniently trigger a purge of OPcache.
Cloudflare by default would not cause this as they do not cache .html, .php etc unless the user has explicitly made changes. You can always check the response header for CF-Cache-Status: HIT to see if it's cached by Cloudflare
That said I'd be looking at the documentation for wordfence, they must have the means to ignore directories outside of the WordPress install.
Cannot get into ACP
Never heard of Clouidflare
Wordfence support was not helpful. They said that wordfence can effect outside of wordpress, and then directed me to a Live Scan to which no entry existed for the phpbb.
If it's installed with changes to .htaccess or server config it can certainly affect files within phpBB directory. Software like this usually comes with the means to ignore directories.
KevC wrote: ↑Tue Jun 04, 2019 8:52 pm
Are you sure it's not just your hosts mod_security triggering something?
The wordpress and phpBB installations are totally self contained and should have no way of interfering with each other.
I have no idea.
You can go into your cPanel and there should be an option to disable mod_security. If not, ask your host about it. Turn it off first for testing. If that isn't the problem turn it back on. If the problem is mod_security, your host will have to change it to not interfere with your website's.
You can always clear your cache in the FTP. This is not sql related. Log into your FTP and in the cache folder delete the production folder. It will rebuild.