Extended Protection with WP Engine and PHP 7.4

  • Resolved webolutions

    (@webolutions)


    5 years ago

    I read an article on WPE’s site that discusses the deprecation of .htaccess in PHP 7.4.
    https://wpengine.com/support/htaccess-deprecation/

    From what I understand, this is industry wide and not specific to WP Engine.

    Currently, when I activate Wordfence extended protection, I use the Apache + mod_php option which adds the following to .htaccess:

    # Wordfence WAF
    <IfModule mod_php5.c>
    php_value auto_prepend_file ‘/nas/content/live/craigruvere/wordfence-waf.php’
    </IfModule>
    <IfModule mod_php7.c>
    php_value auto_prepend_file ‘/nas/content/live/craigruvere/wordfence-waf.php’
    </IfModule>
    <Files “.user.ini”>
    <IfModule mod_authz_core.c>
    Require all denied
    </IfModule>
    <IfModule !mod_authz_core.c>
    Order deny,allow
    Deny from all
    </IfModule>
    </Files>
    # END Wordfence WAF

    Since PHP 7.4 won’t read this request, what are my options for enabling extended protection on sites hosted on WPE?

    Thanks for your help/info!
    E

Viewing 4 replies - 1 through 4 (of 4 total)
  • davidvee

    (@davidvee)

    WPEngine Employee

    Hmm. That’s a good question. Would you mind reaching out to our support directly by opening a chat once you log into my.wpengine.com so we can do a little troubleshooting and help you resolve this?

    Plugin Author WFMattR

    (@wfmattr)

    Hi all,

    I think Wordfence will continue to work normally on WP Engine without .htaccess. We’ve worked with Anthony and others recently on an alternate way of loading the Wordfence firewall files, which does not depend on .htaccess. (This was actually done for other compatibility reasons.) Wordfence still creates the .htaccess file by default, but it shouldn’t hurt to leave it in place or remove it if this change is live, and the site will only use PHP 7.4+ without downgrading to 7.3 or lower.

    Using the PHP 7.4 preview tool at WP Engine in a quick test, the firewall is still loading correctly for me.

    -Matt R
    Wordfence QA Lead

    davidvee

    (@davidvee)

    WPEngine Employee

    Thanks for chiming in @wfmattr! I’m glad to hear Anthony has been helping ??

    Hi,

    Great thread as I have read the same news and wondered how Wordfence would react to this change.
    I have tested it on a staging environment and could not see any error so far…

    But how can you tell the firewall extended protection (and the whole firewall in general) is still loading correctly?

    Thanks to shed some light here ??
    Nico

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Extended Protection with WP Engine and PHP 7.4’ is closed to new replies.