Publicly accessible config, backup, or log file found: .user.ini Type: Publicly | WordPress.org

Resolved fh
(@felipestyle77)

8 years, 4 months ago

Details: https://www.domain.com/.user.ini is publicly accessible and may expose source code or sensitive information about your site, bla bla..

The content of my .user.ini:

; Wordfence WAF
auto_prepend_file = ‘/home/web/domain.com/public_html/wordfence-waf.php’
; END Wordfence WAF

Is secure to delete the file .user.ini?

Viewing 2 replies - 1 through 2 (of 2 total)

wfyann
(@wfyann)

8 years, 4 months ago

Hi @felipestyle77,

The content of the “.user.ini” file you mentioned is related the Wordfence Firewall optimization and should not be removed.

This article explains the alert you’re getting.

Thread Starter fh
(@felipestyle77)

8 years, 4 months ago

Thank you.

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Publicly accessible config, backup, or log file found: .user.ini Type: Publicly’ is closed to new replies.

2 replies
2 participants
Last reply from: fh
Last activity: 8 years, 4 months ago
Status: resolved