Hello @warrenmarland and thanks for reaching out to us!

Some server setups will use the auto_prepend_file for other things and sometimes will cause conflicts.

If you could, can you send a diagnostic report to wftest @ wordfence . com? You can find the link to do so at the top of the Wordfence Tools > Diagnostics page. Then click on “Send Report by Email”. Please add your forum username where indicated and respond here after you have sent it.

I can see what we need to do to complete the setup.

@njambassador As per forum guidelines below, could you please open your own topic and we would be glad to assist you:
“Unless users have the exact same version of WordPress on the same physical server hosted by the same hosts with the same plugins, theme, and configurations, then the odds are the solution for one user will not be the same for another. For this reason, we recommend people start their own topics.”

Thanks!

Thanks for sending that @warrenmarland

Looks like your Server API is CGI/FastCGI. Using FTP or a file manager, navigate to your sites root directory and open your htaccess file. Make sure this code is added to it:

# Wordfence WAF
<Files ".user.ini">
<IfModule mod_authz_core.c>
    Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
    Order deny,allow
    Deny from all
</IfModule>
</Files>
# END Wordfence WAF

Then save it, and open up your user.ini, in the same directory. Make sure this code is present:

; Wordfence WAF
auto_prepend_file = '/path/to/waf/wordfence-waf.php'
; END Wordfence WAF

Make sure to adjust the path to the wordfence-waf.php file to the one that is located in your root directory as well.

Once finished, you should see 84% (which is the max a free customer can reach) present on your Wordfence > Firewall page.

Let me know what you find!

Thanks!

Did you have to add or change anything?

Could you send me an updated diagnostic so I can see if the firewall is good now?

Thanks!