Good But , dangerous for average users

  • metanoia77

    (@metanoia77)


    8 months ago

    It’s a good plugin, but the firewall is very over reaching for users who cannot edit .htaccess and know their way around servers. Unfortunately, they use a sledge hammer to crack a nut. Modifying .htaccess and adding files to Root like .user.ini is not good practice if you do not remove them if the plugin is deactivated or uninstalled

    I have had many clients who changed their sites and didn’t know Wordfence leaves a lot of garbage around. They cannot run install.php to build a new instance as the .htaccess and .user.ini are left behand to ‘Guard’ an empty site.

    I would be careful if you cannot correct server problems or want a bit of flexibility .

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @metanoia77, thanks for taking the time out to leave us a review!

    With a large install-base, we do appreciate some administrators will have less hands-on experience than others. For this reason we do try to make workable default settings and get the plugin to make necessary .htaccess/.user.ini changes from our optimization wizard. For uninstalls or deactivation, we do offer the option to, “Delete all Wordfence tables and data” that should also reverse the optimization without having to manually deal with cleaning up plugin files or making advanced changes.

    If a more manual approach has been taken or there are issues with permissions, the situation you describe above can occur but we do try to cover the steps in our documentation for reference too: https://www.wordfence.com/help/advanced/remove-or-reset/#remove-or-reset

    Many thanks for your feedback and using Wordfence,
    Peter.

    Thread Starter metanoia77

    (@metanoia77)

    Sure Peter, as I said it’s good plugin. But the thing is even when it’s deactivated , say you want to build an instance in a https://www.mainsite.co/newsite ? well you can’t unless you know your way around a server. Even if you temp deactivate WF , it is “Server Wide” so you need to comment out .htaccess and rename .user.ini . Do what you need to and reverse your changes .

    Your documentation is good, but it’s for people like me. I still stand by my review “Good Plugin” but if you ain’t tech be carful .

    Maybe script a tool , I made one for changes , that does the ground work if it’s temporary or permanent (it does happen ?? )

    The plugin is good … in the right hands

    Stay cool

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Good But , dangerous for average users’ is closed to new replies.