How to set up Wordfence for the root website and subfolder websites

  • Resolved mikozoid

    (@mikozoid)


    4 years, 1 month ago

    What is the best way to set up Wordfence for the root website and subdirectory websites? I’ve found different answers by googling, but I’m not sure which one is the best way or most suitable right now (October 2020). Here are the answers I’ve found so far:

    – Set up the Firewall protection with subdirectory sites first, then working your way up through the file structure.

    – Both the root and subdirectory sites would need the plugin installed, and there are not issues with running the plugin in two “nested” sites. You’ll just want to double-check that it’s not set to scan folders outside of WP (Make sure you don’t have “Scan files outside your WordPress installation” option enabled at (Wordfence > Options => Scans to include)).

    – Make use of “Exclude files from scan that match these wildcard patterns.” option.

    – The only difference would be in the firewall portion. When you try to optimize it at the subdirectory site, you’ll see a warning about there already being an auto_prepend_file that’s being used (for the installation in the root of the site). You should choose to override it. That should take care of things.

    – Log in your root website, go to (Wordfence > Firewall > All Firewall Options) and under “Protection Level” section, click on “Remove Extended Protection”. Then log in your subdirectory site and optimize the firewall there. Return back to your root website and optimize the firewall there.

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Support WFAdam

    (@wfadam)

    Hello @mikozoid and thanks for reaching out to us!

    You have the process down correctly. Some of the most important things are:
    Make sure the sub-domain is pointed to a directory within your main site directory like this:
    /pubic_html/main_site
    /public_html/main_site/sub-domain
    or:
    /public_html/sub-domain

    When you try to optimize it, you’ll see a warning about there already being an auto_prepend_file that’s being used (for the installation in the root of the site). You should choose to override it. That should take care of things.

    Try one and see if there are any problems and let me know how it went.

    Thanks!

    Thread Starter mikozoid

    (@mikozoid)

    Thank you so much @wfadam for your fast response! Yes, the sub-domain is pointed to a directory within my main site directory like this: /public_html/sub-domain.

    So just to make sure I understand your answer correctly, could you please confirm the following are correct?:

    1) First, optimize the firewall in the root website’s admin dashboard without changing any settings.

    2) And then, optimize the firewall in the sub-directory website’s admin dashboard. When I see a warning about there already being an auto_prepend_file that’s being used (for the installation in the root site), I just choose to override it.

    Plugin Support WFAdam

    (@wfadam)

    Hello again @mikozoid

    It actually doesn’t matter which one you optimize first. Just make sure you remove the root site optimization before you start setting up the subdirectory. Once you get your subdirectory installed, you can actually optimize either one then the other.

    If you do your sub-directory first, then when you do the root, you will do the override option or vice versa, depending on which one you did first.

    Let me know if you have any other questions.

    Thanks again!

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘How to set up Wordfence for the root website and subfolder websites’ is closed to new replies.