Internal Server Error after activating WAF

  • Resolved jfleischauer

    (@jfleischauer)


    9 months, 3 weeks ago

    I just installed WordFence and, after optimizing and activating the WAF using the Apache + mod_php method, I’m getting an internal server error. It’s definitely related to the WAF since, when I remove the htaccess entries that get added when configuring, it’s back to working. I’ve confirmed that the path to wordfence-waf.php is correct. Any ideas?

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @jfleischauer, thanks for getting in touch and sorry to see you’re having optimization issues.

    There are a couple of past cases around setting mod_php I was hoping might help in your case, but there wasn’t a common fix as both were dependent on changes their specific hosting platforms had made.

    As a result I think it’s best to see a diagnostic report from your site first. Please send it to wftest @ wordfence . com directly from the link at the top of the Wordfence > Tools > Diagnostics page. Then click on “Send Report by Email”. Please add your forum username where indicated and respond here after you have sent it.

    NOTE: It should look as follows – Screenshot of Tools > Diagnostic > Send by Email

    Thanks,
    Peter.

    Plugin Support wfpeter

    (@wfpeter)

    Hi @jfleischauer, I only just spotted your diagnostic as you hadn’t updated the topic yet.

    This sounds like a problem when Wordfence appears on a Google VM. I see the platform listed as “wordpress-1-vm” so that could be the case here by the looks of things.

    We need to make sure that the AllowOverride is set for the directory or the WAF will not have the access it needs.

    Navigate to your wordpress.conf file and add the following:

    <Directory /var/www/html>
Options -Indexes
AllowOverride All
</Directory>

    You should also check the config files in /etc/apache2/sites-available/. If one of those has its own AllowOverride set to a different value for /var/www/html, it would need to be changed in that file instead.
    Once you have corrected the AllowOverride, restart apache, then head back over to the Wordfence > Firewall page and click Optimize the Firewall. In the WAF wizard, select Apache + mod_php and follow the steps, this should automatically optimize your WAF.

    Just as a side note, max_execution_time in php.ini should be set to no more than 60 to prevent issues there too. Wordfence only uses half of this value by default but we’ve consistently seen problems with values above this, and yours is currently 120.

    Thanks again,
    Peter.

    Thread Starter jfleischauer

    (@jfleischauer)

    Apologies if I missed a step updating the topic, but thanks for the response and this did the trick. For the benefit of anyone who may run across this in the future, the *wordpress.conf* file referenced is the Apache config file (on Debian-like systems, located at /var/www/apache2/sites-available). At least if using Letsencrypt, the SSL config needs to be updated as well.

    Thanks again for the help.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Internal Server Error after activating WAF’ is closed to new replies.