Question about wordfence-waf.php and Firewall Optimization

  • Resolved Jan444

    (@ign2009)


    2 years, 6 months ago

    I have 4 sites in my root directory, each on a subdirectory.

    It appears that 1 of the sites have had the “control” over wordfence-waf.php.

    See the message:

    `To make your site as secure as possible, the Wordfence Web Application Firewall is designed to run via a PHP setting called auto_prepend_file, which ensures it runs before any potentially vulnerable code runs. This PHP setting is currently in use, and is including this file:

    /public_html/mysite/wordfence-waf.php

    If you don’t recognize this file, please contact us on the WordPress support forums (opens in new tab) before proceeding.

    You can proceed with the installation and we will include this from within our wordfence-waf.php file which should maintain compatibility with your site, or you can opt to override the existing PHP setting.`

    All the other 3 sites show this warning.

    I want that this works for all 4 sites.

    What should I do?

    I fear several things:

    1) that I screw up something server side if I click INCLUDE
    2) that if I click INCLUDE only the “next” site makes use of wordfence-waf.php and the other sites gets “orphaned”.

    Essentially that is.

    What should I do? Should I click on INCLUDE and trust that each site will be included as making use of this optimization?

    Will I screw something server side?

    We have had recently some Internal Server Error nightmare going on and I am afraid WordFence could take a rola on this and I don’t want to start all over again debugging things.

    Thanks for your help.

Viewing 3 replies - 1 through 3 (of 3 total)
  • WFSupport

    (@wfsupport)

    2 years, 6 months ago

    Debugging multiple WordPress sites in a single hosting account can definitely be a task that isn’t fun.

    I can’t speak to the internal server error as I don’t really have any details about that, but I will say your server error logs will help tremendously with that. Turning on the debug.log file will probably help too. (read here about how to enable debugging if you don’t already know)

    Back to the firewall question, on the 3 sites that give that message use the ‘override’ option. What it sounds like is happening is that the one working site has the auto_prepend_file variable set. Since it propagates into the subdirectories, and the other sites do not have the auto_prepend_file variable set, they are using the same one that is set in the working site. When you override the setting you’ll be telling Wordfence to create a .user.ini file in the sub sites’ WordPress installation directories and the variable will be set there. It will not affect the working site or the other sites, only the site it created or modified the .user.ini file in (eg : if there was already a .user.ini file in it).

    Let me know if this helps.

    Tim

    Thread Starter Jan444

    (@ign2009)

    2 years, 6 months ago

    Thanks! Makes sense.

    I just proceeded and got this message:

    The changes have not yet taken effect. If you are using LiteSpeed or IIS as your web server or CGI/FastCGI interface, you may need to wait a few minutes for the changes to take effect since the configuration files are sometimes cached. You also may need to select a different server configuration in order to complete this step, but wait for a few minutes before trying. You can try refreshing this page.

    How can I know when the changes have taken effect?

    Is it enough to visit the WordFense dashboard in some hours, and if there’s no warning I can be sure that the changes are there?

    Should I check the wordfence-waf.php file in some hours?

    Thanks for your help,

    WFSupport

    (@wfsupport)

    2 years, 6 months ago

    Yes, you can check in a few hours but normally it is much faster than that.

    Once the warning disappears, you can verify the Firewall is optimized by looking at the Wordfence Firewall > Manage WAF page on your site. In the Basic Firewall Options section look at “Protection Level”. If you see “Extended Protection: All PHP requests will be processed by the firewall prior to running” then your Firewall is optimized.

    Tim

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Question about wordfence-waf.php and Firewall Optimization’ is closed to new replies.