I self-host and use Caddy rather Apache or Nginx to serve WP PHP files. Consequently, I chose Manual Configuration when optimising the Wordfence firewall, and added the line
auto_prepend_file = '/usr/local/www/wordpress/wordfence-waf.php'to php.ini, but it didn’t take. I confirmed this after waiting several minutes and then checking the
auto_prepend_fileentry in system configuration (Tools > Diagnostics > Other Tests).
Just on the off-chance, I tried Apache+mod_php and Apache+CGI/FastCGI options and in both cases, I couldn’t write to .htaccess (which btw Caddy doesn’t use).
The surprise came when I tried the Nginx option. A
.user.inifile was created in the WordPress root and extended firewall protection came into effect almost immediately. Checking the system configuration confirmed the result.
While the end result is positive and I’m thrilled to have enabled extended firewall protection, the mechanism that enabled it is confusing. Any thoughts?
- The topic ‘Caddy webserver – Firewall Optimisation’ is closed to new replies.