I am getting the same notification, except the tag is /public_html/malcare-waf.php. Malcare apparently seems to be another security plugin, which I think I obtained somehow when I migrated the site from one server to another. So it seems I am currently running the free version of both Wordfence and Malcare.
Plugin Support
WFAdam
(@wfadam)
Hello @warrenmarland and thanks for reaching out to us!
Some server setups will use the auto_prepend_file for other things and sometimes will cause conflicts.
If you could, can you send a diagnostic report to wftest @ wordfence . com? You can find the link to do so at the top of the Wordfence Tools > Diagnostics page. Then click on “Send Report by Email”. Please add your forum username where indicated and respond here after you have sent it.
I can see what we need to do to complete the setup.
@njambassador As per forum guidelines below, could you please open your own topic and we would be glad to assist you:
“Unless users have the exact same version of WordPress on the same physical server hosted by the same hosts with the same plugins, theme, and configurations, then the odds are the solution for one user will not be the same for another. For this reason, we recommend people start their own topics.”
Thanks!
Plugin Support
WFAdam
(@wfadam)
Thanks for sending that @warrenmarland
Looks like your Server API is CGI/FastCGI. Using FTP or a file manager, navigate to your sites root directory and open your htaccess
file. Make sure this code is added to it:
# Wordfence WAF
<Files ".user.ini">
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
Order deny,allow
Deny from all
</IfModule>
</Files>
# END Wordfence WAF
Then save it, and open up your user.ini
, in the same directory. Make sure this code is present:
; Wordfence WAF
auto_prepend_file = '/path/to/waf/wordfence-waf.php'
; END Wordfence WAF
Make sure to adjust the path to the wordfence-waf.php
file to the one that is located in your root directory as well.
Once finished, you should see 84% (which is the max a free customer can reach) present on your Wordfence > Firewall page.
Let me know what you find!
Thanks!
Thank you. I’ve checked my .htaccess and.user.ini and they already contain the code that you told me to add. I’ve also checked with my hosting support that the path to wordfence-waf.php is correct. Did the diagnostic report I sent you show you that there is a problem here?
Plugin Support
WFAdam
(@wfadam)
Did you have to add or change anything?
Could you send me an updated diagnostic so I can see if the firewall is good now?
Thanks!