Hi Peter,
Thanks for your reply. Initially there was a setting in /etc/php/7.4/fpm/php.ini that I commented out, so now it looks like this;
;auto_prepend_file =
Until this was commented out there were no prepended files shown in info.php, but once I did that it appeared as I mentioned in my first post.
I’ve checked I can find no reference to prepend in any of the files in /etc/php/7.4/fpm/conf.d/ (in fact I have commented out all auto_prepend_file entries in ALL php configs in /etc/php/7.4/ plus there’s nothing appearing in /var/log/apache2/error.log when I go through firewall optimisation. I can confirm that .htaccess and .user.ini are both as they should be..
FYI The website firewall gets a score of 34%.. which I can’t make it add up from the options shown in the mouseover ?? (11% premium rules, 35% realtime blocklist, 1% re-enable 9 rules, 20% optimise firewall… which all add up to 67%?).
In any event, diagnostics still says No;
Wordfence Firewall Current WAF configuration.
WAF auto prepend active
No
I’d had a good read through the docs before posting, so I’m a bit stumpted. info.php still shows;
auto_prepend_file /correct/path/to/wordfence-waf.php
Also listed with info.php in ‘disable_functions’ are the following;
pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,
Could any of these be relevent ?
-
This reply was modified 2 years, 8 months ago by
neuralnet.