WordPress.org

Forums

Wordfence Security
[resolved] Falcon activation problem, and a workaround (18 posts)

  1. acekin
    Member
    Posted 1 year ago #

    My site is installed in a subfolder but the domain points at the root. Consequently, the htaccess file is in the root. Wordfence looked for the htaccess file in the subfolder where WordPress is installed when I tried to activate the Falcon engine. It reported that there was not such file and could not activate the Falcon engine. I think this is an oversight.

    As a workaround, I made a copy of my htaccess file in the subfolder where WordPress is installed, then activated the Falcon engine with worked as expected. After it wrote the htaccess file in the subfolder, I moved it back to the root. It seems to be working fine, I can indeed see a performance improvement. Thank you.

    Cemal

    https://wordpress.org/plugins/wordfence/

  2. Wordfence
    Member
    Plugin Author

    Posted 1 year ago #

    Thanks, but keep in mind that Wordfence will continue to update the subfolder htaccess with blocked IP's and other items.

    Is this an unusual configuration? Anyone else doing this?

    Regards,

    Mark.

  3. Adrian
    Member
    Posted 1 year ago #

    I have my WordPress site in a subdirectory (web) and .htaccess is in the root folder.

    When I try to activate the Falcon engine I receive this error message:
    =================
    Wordfence could not edit .htaccess

    Wordfence could not edit your .htaccess code. The error was: fopen(/home/xxxxxx/public_html/web//.htaccess): failed to open stream: No such file or directory
    ===================

    The double slash looks like an error but even if that were corrected .htaccess is not in the web subdirectory, it's in the root (public_html) folder.

  4. scrippsadmin
    Member
    Posted 1 year ago #

    Apologies if this posts twice but I entered a post and it disappeared. :(

    I am having the same problem as mentioned. When enabling (or subsequently disabling) the cache I get this error:

    Problem disabling caching.

    We could not disable caching because you have code in your .htaccess file that could not be removed by Wordfence. You need to go in and remove any Wordfence code from your .htaccess file yourself. Then return here and disable caching. The error we received was: fopen(/path/to/blog//.htaccess) [function.fopen]: failed to open stream: Permission denied

    My htaccess permissions are
    -rw-r--r-- 1 root root 487 Aug 2 2013 .htaccess

    Any idea of changing ownership of the htaccess file (or group) might help?

    Thanks!

    tim

  5. esmi
    Forum Moderator
    Posted 1 year ago #

    @scrippsadmin: If you require assistance then, as per the Forum Welcome, please post your own topic.

  6. acekin
    Member
    Posted 1 year ago #

    My installation is not unusual at all, I am sure I am not the only one to install WordPress in a subfolder. In fact, on my hosting sites who offer automated WordPress installation it is installed into a folder "blog" or "wordpress" I believe.

    I think the location of htaccess file is universal, the root folder, and WordFence should look for it there for simplest and consistent operation. WordPress SEO by Yoast located it in the root directory with no problem for instance.

  7. scrippsadmin
    Member
    Posted 1 year ago #

    @esmi As I saw others posting about the exact same thing I added this to the discussion to make sure and not flood Mark with individual requests about the same issue that might be a bug (note the double slash mentioned above). Ill open another request now.

    tim

  8. Adrian
    Member
    Posted 1 year ago #

    Also - when I try to enable the Falcon engine, I am prompted to save a copy of my .htaccess file.

    The saved file is empty: a file with zero bytes is created.

  9. acekin
    Member
    Posted 1 year ago #

    A related question is this: What happens when
    1. I make a copy of the modified htaccess file
    2. Copy it to the subfolder
    3. In WordFence, disable Falcon
    4. Keep the htaccess that was modified by WordFence as I activated the Falcon engine in the root

    If the "engine" is in the htaccess changes then WordFence will think Falcon is not active but the speed improvements will work since they seem to be handled by the server. Can I also activate Live Traffic now? I have actually done all the above and am wondering what happens now ;-)

    Where is the flaw in my reasoning?

    Cemal

  10. Wordfence
    Member
    Plugin Author

    Posted 1 year ago #

    Going to reply and try to stick to the core issue:

    In our design we assumed that sites like

    http://example.com/

    will have .htaccess in the /home/public_html/example_root/.htaccess location

    And sites like

    http://example.com/subdir/

    will have .htaccess in the /home/public_html/example_root/subdir/.htaccess location

    Is this not true?

    Before responding make sure you're not running multi-site with subdirectories.

    It's my assumption that a site in /subdir/ with the .htaccess in example_root/.htaccess is very unusual. Correct?

    Regards,

    Mark.

  11. acekin
    Member
    Posted 1 year ago #

    I am not running multi-site with folders on that domain, keptlight.com.

    I had the site installed in a subfolder when it was running on a Windows server for easy updates. When I moved it to a Linux server I retained the same structure. Although WordPress is installed in a subfolder with "WordPress Address (URL)" setting under Settings/General pointing to the subfolder, the "Site Address (URL)" setting directly points to the domain root. The index.php in the root is modified to point to the subfolder. With this setting the visitor always sees only the domain root and the content, like:
    http://www.keptlight.com/cape-cod-2014/

    If I were to run it ONLY from the subfolder, this URL would have looked something like:
    http://www.keptlight.com/wordpress/cape-cod-2014/

    Since the site URL points to the domain root, .htaccess being in the subfolder has no functionality at all. I put it there and none of the redirects worked.

    I hope this provides more relevant information on different WP installations. This, by the way, is a documented WordPress installation approach. I don't think having the .htaccess file in the root is unusual at all. In my case, that is the ONLY place it actually works.

    Thanks,

    Cemal

  12. Adrian
    Member
    Posted 1 year ago #

    I think it's quite common to put WordPress files in a subdirectory.
    See http://codex.wordpress.org/Giving_WordPress_Its_Own_Directory

    If you are using permalinks, the subdirectory name is not visible in URLs.

    The .htaccess file has to reside in the root folder, not the WordPress subfolder.

    Adrian

  13. Adrian
    Member
    Posted 1 year ago #

    (continued)
    You set it up on the WordPress Settings/General Settings page

    WordPress Address (URL) http://my.url.com/wordpress
    Site Address (URL) http://my.url.com
    Enter the address here if you want your site homepage to be different from the directory you installed WordPress.

    I use this approach when setting up a WordPress site to replace legacy static html sites
    You build and test the WordPress site in a subdirectory.
    Then (following the instructions in the link above) when you are ready to go live you change the site address and copy the index.php and .htaccess files from the WordPress directory into the root directory

  14. Wordfence
    Member
    Plugin Author

    Posted 1 year ago #

    OK thanks Cemal and Adrian, this is clearly something we need to fix for this particular config so we'll get on it and it'll be in the next version.

    Regards,

    Mark.

  15. acekin
    Member
    Posted 1 year ago #

    Thanks Mark, looking forward to the new version. Now that it will be in the next release, could you address my second question regarding what happens if I disable Falcon in WordFence but put the Falcon modified htaccess back in the root? Not a major issue, I am just curious to find out where it all happens.

    Thank you for a very useful plugin, getting better each new version.

    Cemal

  16. seltzdesign
    Member
    Posted 1 year ago #

    I just wanted to give your plugin a go, but have encountered the same issue.

    I see this as "resolved", but can't find a workaround anywhere here. Also signed up for beta testing, but can't find a link to get the latest beta. I guess I'll have to give this a miss for now - shame, sounds promising.

    I find it somewhat hard to believe I am installing a credible plugin, if it has obviously not been tried with this very usual setup of having WordPress installed in a subdirectory, which is not only recommended, but sometimes even necessary (to be able to have other HTML in a subdirectory "next" to wordpress and to function without wordpress interfering).

    I mean, its the 3rd and 4th box of the General Settings of WordPress, right after the Name and Tagline of the websites and includes a link to the instructions, so I would say its not something unusual at all ;)

  17. Adrian
    Member
    Posted 1 year ago #

    @selzdesign I think you are being too critical of the developers of this excellent plugin.

    I agree it's disappointing that the new Falcon performance improvements don't yet support WordPress installed in a subdirectory, but I am sure they will fix that soon.
    For now all the security features of WordFence are available.

    I'm building a new site for a client.
    Until it's ready to go live it sits in a subdirectory (url similar to http://www.xxx.com/web ).
    The Falcon caching works really well on this setup - almost instantaneous responses to many pages.
    It's looking so good I think I won't need any of the other caching plugins such as W3 Total Cache or Super Cache.

    When this client's site goes live, the WordPress files will still be in the subdirectory but I will set the home page to http://www.xxx.com.

    That's what doesn't yet work with Falcon but I'm hoping it will be fixed by the time I need it.

  18. seltzdesign
    Member
    Posted 1 year ago #

    Well, its feedback and that can be positive or negative. I appreciate that there have been no doubt countless hours spent developing this plugin - all the functionality it has, its probably one of the most advanced plugins I have come across. Cloud functionality, live view of activity, etc.

    But what I then find perplexing is how the plugin author has to have explained to him by a user how site_url and home_url work. Its THE most basic function of WordPress and like I said the instructions to have WordPress in a subdirectory are right there on the General Settings page.

    If I am trusting this plugin with my or more importantly my clients website, then I have to act in their best interest and not use a piece of software that doesn't work fully, because "In our design we assumed that.." just isn't good enough coming from a developer.

    Actually I am more amazed how they got to version 5.0.3 and have NOT come across this or tried it out themselves - it takes like 5 minutes to setup a new WordPress in a subdirectory.

    I really want to try this plugin fully, but the first thing I tried was to activate falcon and it failed miserably. I am not giving up yet and hope the other features of the plugin been tested a little more thoroughly ;)

Topic Closed

This topic has been closed to new replies.

About this Plugin

  • Wordfence Security
  • Frequently Asked Questions
  • Support Threads
  • Reviews

About this Topic