Hi @cyrilruiz
Please edit your reply and redact the PHP process owner after /home/
and before /public_html/
as that is sensitive server information that should remain private.
When you optimize the firewall you will see in the Protection Level section:
If you’re moving to a new host or a new installation location, you may need to temporarily disable extended protection to avoid any file not found errors. Use this action to remove the configuration changes that enable extended protection mode or you can remove them manually (opens in new tab).
In the root directory where WordPress is installed look for a php.ini
or .user.ini
file with the block of code below:
; Wordfence WAF
auto_prepend_file = '/home/redacted/public_html/wordfence-waf.php'
; END Wordfence WAF
If you find it then delete it. Now delete the wordfence-waf.php
file and you can optimize the firewall again.
If you don’t find a php.ini
or .user.ini
file with that code then look in your .htaccess
file for one of the following blocks of code:
# Wordfence WAF
<IfModule mod_php.7c>
php_value auto_prepend_file '/home/redacted/public_html/wordfence-waf.php'
</IfModule>
# END Wordfence WAF
# Wordfence WAF
<IfModule LiteSpeed>
php_value auto_prepend_file '/home/redacted/public_html/wordfence-waf.php'
</IfModule>
<IfModule lsapi_module>
php_value auto_prepend_file '/home/redacted/public_html/wordfence-waf.php'
</IfModule>
# END Wordfence WAF
If you find it then delete it. Now delete the wordfence-waf.php
file and you can optimize the firewall again.