Support » Plugin: Wordfence Security » Falcon activation problem, and a workaround

  • Resolved acekin


    My site is installed in a subfolder but the domain points at the root. Consequently, the htaccess file is in the root. Wordfence looked for the htaccess file in the subfolder where WordPress is installed when I tried to activate the Falcon engine. It reported that there was not such file and could not activate the Falcon engine. I think this is an oversight.

    As a workaround, I made a copy of my htaccess file in the subfolder where WordPress is installed, then activated the Falcon engine with worked as expected. After it wrote the htaccess file in the subfolder, I moved it back to the root. It seems to be working fine, I can indeed see a performance improvement. Thank you.


Viewing 15 replies - 1 through 15 (of 17 total)
  • Plugin Author Wordfence


    Thanks, but keep in mind that Wordfence will continue to update the subfolder htaccess with blocked IP’s and other items.

    Is this an unusual configuration? Anyone else doing this?



    I have my WordPress site in a subdirectory (web) and .htaccess is in the root folder.

    When I try to activate the Falcon engine I receive this error message:
    Wordfence could not edit .htaccess

    Wordfence could not edit your .htaccess code. The error was: fopen(/home/xxxxxx/public_html/web//.htaccess): failed to open stream: No such file or directory

    The double slash looks like an error but even if that were corrected .htaccess is not in the web subdirectory, it’s in the root (public_html) folder.

    Apologies if this posts twice but I entered a post and it disappeared. 🙁

    I am having the same problem as mentioned. When enabling (or subsequently disabling) the cache I get this error:

    Problem disabling caching.

    We could not disable caching because you have code in your .htaccess file that could not be removed by Wordfence. You need to go in and remove any Wordfence code from your .htaccess file yourself. Then return here and disable caching. The error we received was: fopen(/path/to/blog//.htaccess) [function.fopen]: failed to open stream: Permission denied

    My htaccess permissions are
    -rw-r–r– 1 root root 487 Aug 2 2013 .htaccess

    Any idea of changing ownership of the htaccess file (or group) might help?





    Forum Moderator

    @scrippsadmin: If you require assistance then, as per the Forum Welcome, please post your own topic.

    My installation is not unusual at all, I am sure I am not the only one to install WordPress in a subfolder. In fact, on my hosting sites who offer automated WordPress installation it is installed into a folder “blog” or “wordpress” I believe.

    I think the location of htaccess file is universal, the root folder, and WordFence should look for it there for simplest and consistent operation. WordPress SEO by Yoast located it in the root directory with no problem for instance.

    @esmi As I saw others posting about the exact same thing I added this to the discussion to make sure and not flood Mark with individual requests about the same issue that might be a bug (note the double slash mentioned above). Ill open another request now.


    Also – when I try to enable the Falcon engine, I am prompted to save a copy of my .htaccess file.

    The saved file is empty: a file with zero bytes is created.

    A related question is this: What happens when
    1. I make a copy of the modified htaccess file
    2. Copy it to the subfolder
    3. In WordFence, disable Falcon
    4. Keep the htaccess that was modified by WordFence as I activated the Falcon engine in the root

    If the “engine” is in the htaccess changes then WordFence will think Falcon is not active but the speed improvements will work since they seem to be handled by the server. Can I also activate Live Traffic now? I have actually done all the above and am wondering what happens now 😉

    Where is the flaw in my reasoning?


    Plugin Author Wordfence


    Going to reply and try to stick to the core issue:

    In our design we assumed that sites like

    will have .htaccess in the /home/public_html/example_root/.htaccess location

    And sites like

    will have .htaccess in the /home/public_html/example_root/subdir/.htaccess location

    Is this not true?

    Before responding make sure you’re not running multi-site with subdirectories.

    It’s my assumption that a site in /subdir/ with the .htaccess in example_root/.htaccess is very unusual. Correct?



    I am not running multi-site with folders on that domain,

    I had the site installed in a subfolder when it was running on a Windows server for easy updates. When I moved it to a Linux server I retained the same structure. Although WordPress is installed in a subfolder with “WordPress Address (URL)” setting under Settings/General pointing to the subfolder, the “Site Address (URL)” setting directly points to the domain root. The index.php in the root is modified to point to the subfolder. With this setting the visitor always sees only the domain root and the content, like:

    If I were to run it ONLY from the subfolder, this URL would have looked something like:

    Since the site URL points to the domain root, .htaccess being in the subfolder has no functionality at all. I put it there and none of the redirects worked.

    I hope this provides more relevant information on different WP installations. This, by the way, is a documented WordPress installation approach. I don’t think having the .htaccess file in the root is unusual at all. In my case, that is the ONLY place it actually works.



    I think it’s quite common to put WordPress files in a subdirectory.

    If you are using permalinks, the subdirectory name is not visible in URLs.

    The .htaccess file has to reside in the root folder, not the WordPress subfolder.


    You set it up on the WordPress Settings/General Settings page

    WordPress Address (URL)
    Site Address (URL)
    Enter the address here if you want your site homepage to be different from the directory you installed WordPress.

    I use this approach when setting up a WordPress site to replace legacy static html sites
    You build and test the WordPress site in a subdirectory.
    Then (following the instructions in the link above) when you are ready to go live you change the site address and copy the index.php and .htaccess files from the WordPress directory into the root directory

    Plugin Author Wordfence


    OK thanks Cemal and Adrian, this is clearly something we need to fix for this particular config so we’ll get on it and it’ll be in the next version.



    Thanks Mark, looking forward to the new version. Now that it will be in the next release, could you address my second question regarding what happens if I disable Falcon in WordFence but put the Falcon modified htaccess back in the root? Not a major issue, I am just curious to find out where it all happens.

    Thank you for a very useful plugin, getting better each new version.


    I just wanted to give your plugin a go, but have encountered the same issue.

    I see this as “resolved”, but can’t find a workaround anywhere here. Also signed up for beta testing, but can’t find a link to get the latest beta. I guess I’ll have to give this a miss for now – shame, sounds promising.

    I find it somewhat hard to believe I am installing a credible plugin, if it has obviously not been tried with this very usual setup of having WordPress installed in a subdirectory, which is not only recommended, but sometimes even necessary (to be able to have other HTML in a subdirectory “next” to wordpress and to function without wordpress interfering).

    I mean, its the 3rd and 4th box of the General Settings of WordPress, right after the Name and Tagline of the websites and includes a link to the instructions, so I would say its not something unusual at all 😉

Viewing 15 replies - 1 through 15 (of 17 total)
  • The topic ‘Falcon activation problem, and a workaround’ is closed to new replies.