Hi,
I couldn’t manage to reproduce this issue at my end, here you are what exactly I did:
– Installed WordPress and Wordfence version 6.3.21 on the root of my demo site.
– I’ve followed this guide precisely, method 1.
– I configured the firewall and the “.htaccess” file that was modified was that one in the sub-directory folder.
– I upgraded Wordfence to the latest stable version and neither the “.htaccess” file in the sub-directory nor that one in the root folder was modified.
Could you please let me know if I’m missing something?
Thanks.
Hi. Thanks for replying. What I did was:
– Install WP in a subdirectory e.g. /site
– Load up WP CMS and go to Settings > General and change the Site address to root e.g. https://www.mysite.com and the WordPress address should be https://www.mysite.com/site
– Follow Method 1 to change the .htaccess file to:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} ^(www.)?mysite.com$
RewriteCond %{REQUEST_URI} !^/site/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ /site/$1
RewriteCond %{HTTP_HOST} ^(www.)?mysite.com$
RewriteRule ^(/)?$ site/index.php [L]
</IfModule>
# END WordPress
Thanks.
In my opinion, that’s a different implementation than the one described in method 1, I recommend following method 2 in your case as it includes URL changing.
I confirm that Wordfence never rewrite or delete any other code snippets in “.htaccess” files, the plugin only write or delete snippets wrapped by “# Wordfence WAF” and “# END Wordfence WAF” in both cases, but you might want to check when was this file recently modified and compare this timestamp with the Wordfence update time.
Thanks.
