What is env.php?

  • Resolved Martin Mrskos

    (@martin-mrskos)


    7 years, 4 months ago

    Hi,
    I am trying to set up Wordfence Web Application Firewall and I got this message before I started:

    “The Wordfence Web Application Firewall is designed to run via a PHP ini setting called auto_prepend_file in order to ensure it runs before any potentially vulnerable code runs. This PHP setting is currently in use, and is including this file:

    /usr/local/sbin/php/env.php

    If you don’t recognize this file, please contact us on the WordPress support forums before proceeding.

    You can proceed with the installation and we will include this from within our wordfence-waf.php file which should maintain compatibility with your site, or you can opt to override the existing PHP setting.”

    Would you advice me whether I should include this file or not?

    Thanking you in advance for your kind help.

    Martin

Viewing 3 replies - 1 through 3 (of 3 total)

  • Assuming you are on a Shared hosting account.
    Looking at the path (/usr/local/sbin/php/env.php), this is a file you have NO direct access to changing, and it is NOT accessible through your web-site paths. It was inserted by your hosting company, probably as a way to control various PHP environment stuff for them locally.

    Only way to know what they put in that file is to either ask your hosting company/support, or if you have command-line login access to your Linux server, simply go look at it manually.

    Depending on what they put in it, disconnecting from it to “prepend” the WAF could either work just fine, or it could make your PHP start failing if they use it for something important.

    So I would advise to first find out why the env.php file is there.

    What hosting company is this?

    Hi Martin,
    Your hosting provider should have a clear answer regarding the reason why they are calling this file, normally you can just proceed to include this file along with “wordfence-waf.php”, but I recommend double checking this with your host first.

    Thanks.

    Thread Starter Martin Mrskos

    (@martin-mrskos)

    Thanks for both advices.

    My provider is https://www.datalite.cz/.

    Martin

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘What is env.php?’ is closed to new replies.