Blocking file and .htaccess access breaks firewall optimisation

Hi @cultidev, thanks for getting in touch.

Wordfence through the www-data user on your server requires physical file access for its log files and firewall rule updates. The firewall optimization is achieved by altering the auto_prepend_file directive in your .htaccess file and running this before site content is hosted to any visitors requesting pages on your site.

The easiest way to correct this is to undo the changes you made with WordPress Toolkit that are denying Wordfence access to the resources it needs to set itself up.

However, you are welcome to read our documentation around alternative firewall optimization configurations and enabling MySQLi logging if you wish to try finding a workaround to support the changes you’ve made:

https://www.wordfence.com/help/firewall/optimizing-the-firewall/
https://www.wordfence.com/help/firewall/mysqli-storage-engine/

Thanks,

Peter.

Hi Peter,

Thank you for your assistance. I will read through those docs and then make a decision.

Kind regards
Logan

Hi,

I recently granted access to the .htaccess file again by reverting that setting in WordPress Toolkit, but the firewall is still not optimised. I have manually optimised the firewall and that did not work either.

What other resources does Wordfence need access to for Wordfence to function as intended?

Regards

Hi,

Which one of these WordPress Toolkit Security measures will break the Wordfence Firewall Optimisation.

Kindly see the screenshot at this link:

https://drive.google.com/file/d/1ptiUgjcUNhRBzJTkgsI-efR9JJmABdFA/view?usp=drivesdk

Kind regards