Hi bulewold,
You can keep the Firewall Status set to “Enabled and Protecting” but you will need to re-configure Wordfence Web Application Firewall again, the simplest way to do that is by deleting # Wordfence WAF section in your server .htaccess file.
Now, you can go to (Wordfence > Firewall) and press “Click here to configure.” button on the warning message at the top of the page, make sure to choose “Apache + suPHP” option there and you should be done now.
Let me know how it goes,
Thanks.
Thanks. What’s the possible issue if I do not go through that process. Just wondering… since it is a lot of work to do it for each site… lol
After talking with one of the dev team, he mentioned that it may work as-is depending on how the suPHP environment is set up, but this doesn’t apply on all cases.
I recommend re-configure Wordfence Web Application Firewall on your websites with this new PHP handler settings.
Good luck!
What about change from
PHP5.6 FCGI to PHP7 FPM (which is only way to get fcgi)
My sites are currently on suphp and I’m trying to move them to FPM in next couple days.
Actually, from PHP5.6 FCGI to PHP7 FPM there shouldn’t be any change in the Wordfence WAF configuration, you need to choose “Apache + CGI/FastCGI” option in both cases.
As you mentioned you are currently using suPHP and will move to “PHP-FPM”, then you may need to know that the only difference between these configurations is this line in .htaccess file:
<IfModule mod_suphp.c>
suPHP_ConfigPath 'some_path_here'
</IfModule>
This will not be applied if you don’t have mod.suphp loaded, so there shouldn’t be any problem to keep the configuration as it’s in this case.
Thanks.
Awesome. I had php56 fcgi before, and when upgrading to php7, fpm module was unavialable, so I’m trying to find a way to keep fcgi…
suphp is default as a temp solution… but I wanted to ask anyway to be sure.
Thank you!
Wfalaa,
I had another question. What’s the worst that can happen if I keep it enabled based on previous fcgi setting after server changed handler to suphp?
Would it just make firewall less effective? or has potential to lock me out or something?
There is no risk of being locked out here, upon discussion with developers team, keep choosing “Apache + CGI/FastCGI” as your firewall configuration and changing the PHP handler to suPHP shouldn’t affect your firewall behavior, everything will be working fine with this scenario.
Thanks.
that’s good to know. Thank you!!!
If that’s the case, I’ll keep it as suphp until build 58 is available with FPM selector. 🙂
Thanks for your help and answering all the questions for me.
