korshiun

Hi @wfyann,

After investigating this issue, I noticed that the error message saying “client denied by server configuration: /home2/mydomain.com/public_html/.user.ini” on my cPanel’s “Errors” tab, I get only when I login to my hosting account. So, I login, go to “Errors”, see the message and look for the time the message was generated and it matches exactly the time I logged in. My conclusion – it is not related to Wordfence. I’m not an expert and if I’m wrong, just let me know.

Hi @wfyann,

I checked Wordfence System Info (as you advised), and – it does show the full path to the ”wordfence-waf.php” file.

• This reply was modified 6 years, 10 months ago by korshiun.

Hi, thanks for the answer! I got another one, though.

My Worfence is currently running in “Extended Protection” mode despite the fact that it doesn’t have access to .user.ini file (and not giving/displaying any errors or warning messages).

I have this piece in my public_html directory .htaccess file.
# Wordfence WAF
<Files “.user.ini”>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
Order deny,allow
Deny from all
</IfModule>
</Files>
# END Wordfence WAF
Can it be that it blocks itself because of this code? I mean my own server IP doesn’t have access to mydomain/.user.ini. The error I get on my server is this – “…[access_compat:error]…client denied by server configuration: /home/mydomain/public_html/.user.ini…”

@wfyann, thank you for the answer!