Optimize Wordfence Firewall and PHP 7.4

Hi @grafityx

I would like to have a look at your Wordfence diagnostics report for one affected website only.

Please go to the top of the “Diagnostics” tab on the Wordfence “Tools” page. There will be a “SEND REPORT BY EMAIL” button to send the diagnostics report. Enter wftest [at] wordfence [dot] com as the email and grafityx as the forum username please.

Once you have emailed me the diagnostics report can you reply here to let me know that it has been sent. This is important in the unlikely event that your installation of WordPress is having an issue with sending mail.

@wfphil Hello Phil, I’ve sent the report, please check your email. Thanks for your help

Hi @grafityx

Looking in the PHP Variables section of the report I see this (I redacted the full file path):

$_SERVER[‘SCRIPT_FILENAME’]: //home/xxxxx/public_html/wp-admin/admin-ajax.php

You will see that there are two forward slashes before the home directory and there should only be one. This will prevent the .user.ini server configuration file, that optimizes the firewall, from working recursively. The extra forward slash is due to a misconfiguration on your Apache web server and will need to be fixed by your hosting provider.

Here is an example forum post below outlining the problem on your Apache web server:

https://forums.cpanel.net/threads/user-ini-files-not-recursive.601163/

@wfphil thank you but I can’t find the code bellow on my server to remove the unwanted slash, do you know where is located on PHP 7.4 FPM/FastCGI ?

<IfModule !mod_php5.c>
    <FilesMatch \.php$>
            SetHandler "proxy:unix:/var/lib/php/php-fpm.sockets/site.sock|fcgi://localhost/"
    </FilesMatch>
    DirectoryIndex index.php index.html index.htm
</IfModule>

• This reply was modified 3 years, 1 month ago by grafityx.

Hi @grafityx

If you are not sure how to modify your Apache configuration then you will need to ask your hosting provider to do this for you.

@wfphil The issue was from auto_prepend_file ??

I found the solution by adding

php_admin_value[auto_prepend_file] = /home/user/web/example.com/public_html/wordfence-waf.php

in the FPM/Pool config

/etc/php/7.4/fpm/pool/example.com.conf

then I restart fpm

/etc/init.d/php7.4-fpm restart

Thanks

• This reply was modified 3 years ago by grafityx.
• This reply was modified 3 years ago by grafityx.

Hi @grafityx

Thank you for the update.

Before you added your line of code did you see php_admin_value[auto_prepend_file] = none?

Does the virtual host for this site on the server have more than one installation of WordPress and Wordfence? If it does, then you will need to remove your line of code as the Wordfence firewall will not function correctly on the other WordPress sites.

The issue of the firewall not working recursively may still exist so I would like to have a look at a new Wordfence diagnostics report for the same site.

Please go to the top of the “Diagnostics” tab on the Wordfence “Tools” page. There will be a “SEND REPORT BY EMAIL” button to send the diagnostics report. Enter wftest [at] wordfence [dot] com as the email and grafityx as the forum username please.

Once you have emailed me the diagnostics report can you reply here to let me know that it has been sent. This is important in the unlikely event that your installation of WordPress is having an issue with sending mail.

Hello @wfphil
Each websites using his own virtual host, so I’ve added the line with the correct wordfence-waf.php path to each website ( .conf file ).
It seems to work well now, I sent you the report by mail. Please check and let me know =)

• This reply was modified 3 years ago by grafityx.
• This reply was modified 3 years ago by grafityx.
• This reply was modified 3 years ago by grafityx.

Hi @grafityx

Thank you for the update.

The firewall appears to be optimized correctly but I would still recommend that you fix the fault in the Apache configuration and optimize the firewall in the standard way.

Hi,

i have a similiar problem.

I have a website with Apache + php7.4-fpm.
Added auto_prepend_file to .user.ini file in the documentRoot of the site.
I can see the correct path with php_info(); as local setting but in Wordfence -> Tools -> Diagnostic I see “WAF auto_prepend_file Active” = NO while the path is shown correctly.

How can I solve?
I would avoid to set the auto_prepend_file in the pool.d because i use it for others vhost.

Thanks in advance
Alessandro

Hi @amannini

As per forum guidelines below can you open your own topic please:

“Unless users have the exact same version of WordPress on the same physical server hosted by the same hosts with the same plugins, theme, and configurations, then the odds are the solution for one user will not be the same for another. For this reason, we recommend people start their own topics.”

Forum Guidelines

OK, sorry.
A

Hi @amannini

No need to say sorry!