WPEngine – Upcoming End-of-Life for .htaccess in October

  • Resolved outofhouse

    (@outofhouse)


    2 years, 7 months ago

    Hi – I have a number of sites on the WPEngine hosting platform and all use WordFence. Because of the end-of-life for htaccess dependencies in October, can you let us know if there is anything we need to do to keep the plugin running as normal? I have noticed that some of my htaccess files contain this code:

    # Wordfence WAF
<Files ".user.ini">
<IfModule mod_authz_core.c>
	Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
	Order deny,allow
	Deny from all
</IfModule>
</Files>

# END Wordfence WAF

    Thanks for any help…

Viewing 1 replies (of 1 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @outofhouse, thanks for getting in touch about this.

    It shouldn’t be necessary to reoptimize the WAF in your case. We have worked with WP Engine previously on optimizing the WAF for their platform so .htaccess should no longer be needed when the transition happens.

    WP Engine should already prevent reading any files that we would normally hide using .htaccess, but if there are any, it would be best to remove them if they end up appearing in any scan results.

    Wordfence > All Options > General Wordfence Options > Disable Code Execution for Uploads directory requires .htaccess, so you could disable this if you have it selected currently, although we don’t think there would be any negative side-effects if you didn’t.

    We use the MySQLi storage engine for our logs by default on WP Engine, but wflogs files might still be created in wp-content/wflogs along with a GeoIP .mmdb file.

    Thanks,

    Peter.

Viewing 1 replies (of 1 total)
  • The topic ‘WPEngine – Upcoming End-of-Life for .htaccess in October’ is closed to new replies.