Unable to optimize wordfence using cyberpanel

  • Resolved obbzy

    (@obbzy)


    2 months, 2 weeks ago

    Hello,

    Little lost with this.. I feel I have exhausted options and the notice remains asking me to optimize wordfence.

    I can see the required lines of code in the .htaccess. I have also added this into cyberpanels vhost config, and also added PHPRC=/home/$VH_NAME/public_html into OLS. I have rebooted the server multiple times, performed a graceful restart and emptied the entire cache.. yet the notice remains.

    I am unsure what else I can do.. Is there a way I can show a diagnostics to anyone to see what I am doing wrong?

    My other option is now leaning on just ditching cyberpanel and OLS altogether and rebuilding the server using wordops, as I know in the past that just worked without issue..

    Is openlitespeed just generally a little too cache heavy for decent security?

    I have noticed my theme does not seem to be showing recaptcha v3 on the user account sign up pages.. so I am now wondering if I need to ditch the theme and just rebuild the site around a theme which works well with wordfence and woocommerce..

    In the past I just showed art on my website, but now i sell prints, I cannot be doing the full lockdown and hiding sign up pages, but I am wondering if my theme is generally not very secure as it uses themed login/create account pages, which seem a little insecure in itself.”

    Whats my best options here? I have spare time over the weekend so I am not too fussed about needing to put in extra work.

    Thanks for the help! and apologies for the rambles.

Viewing 1 replies (of 1 total)
  • Plugin Support wfmargaret

    (@wfmargaret)

    Hi @obbzy,

    Thank you for reaching out! In OpenLiteSpeed, the directive added to the .htaccess won’t apply. Instead, OpenLiteSpeed has a guide with several alternatives: https://docs.openlitespeed.org/config/php/wordfence/

    You mentioned you’d already added the virtual host. Please take a look at their guide and make sure the process is the same. If everything is configured as expected, you should see the auto_prepend_file using a phpinfo file, as outlined there.

    The Wordfence login security features are primarily made for the default WordPress login flow with added compatibility with WooCommerce. We have seen our 2FA and reCAPTCHA fail to work on custom login forms generated by other themes and plugins. If the theme is secure, the custom login pages are fine to continue using, but you may need to try a different theme for compatibility with our reCAPTCHA.

    Thanks,
    Margaret

Viewing 1 replies (of 1 total)
  • You must be logged in to reply to this topic.