Support » Plugin: Wordfence Security - Firewall & Malware Scan » File “wafRules.rules” does not exist

  • Resolved brianP6

    (@brianp6)


    I have used WordFence many many times in the past, but this is the first time I’ve hit this one. I ported my live site to another environment (for staging) and WordFence refused to enable the firewall stating:

    The Wordfence Web Application Firewall cannot run. The configuration files are corrupt or inaccessible by the web server, which is preventing the WAF from functioning. Please verify the web server has permission to access the configuration files. You may also try to rebuild the configuration file by clicking here. It will automatically resume normal operation when it is fixed.

    Doing the ‘click here’ made no difference.

    I have deactivated/reactivated, deleted wflogs, deleted wordfence including Db tables and wflogs and reinstalled a fresh version and still I get this error.

    I have contacted my hosting provider who has confirmed that the user/owner and the file permissions are all correct. wp-content is 755 and wflogs is 775

    My wflogs folder contains:
    .htaccess (size 133 bytes)
    attack-data.php (empty)
    config.php (empty)
    ips.php (empty)
    rules.php (empty)

    The Tools/Diagnostics only shows the errors:
    Checking if web server can read from ~/wp-content/wflogs File “wafRules.rules” does not exist
    Checking if web server can write to ~/wp-content/wflogs File “wafRules.rules” does not exist
    The Connectivity diagnostic says everything is OK.

    Getting at a loss as to where to look next and would appreciate some help.

    Many thanks,
    Brian.

Viewing 3 replies - 1 through 3 (of 3 total)
  • Hi @brianp6,

    It’s possible your server couldn’t connect to our servers to get the rules that go into the “wafRules.rules” file.–although it’s unlikely considering that the Wordfence Diagnostics doesn’t report any issue.

    Can you confirm that the owner of the files you listed (and of the “wflogs” folder) is the user the web server runs as?

    Now as the “wafRules.rules” file is the only one in that folder that doesn’t have a “.php” extension, it’s theoretically possible that your server is set to only allow specific file extensions or that it automatically changes permissions on files with uncommon extensions; this would have to be checked with your hosting provider.

    Hello Wfyann,

    Thank you for your reply.

    Yes I confirmed the owner of the files and folders with my hosting provider – that was one of the first things that I checked before I placed this support request.

    It is peculiar and I’ve raised a support ticket with my hosting to see if they can see anything weird on the server.

    Thanks,
    Brian.

    OK a long wait, but I’ve fixed it and I’m posting here to help anyone else out.

    My problem was that I ported my live site to another environment to use as a staging environment. My Live site had an optimised firewall.

    After the port, I cannot ‘Enable Firewall’ because it always errored. The optimisation MUST be removed to work in the new location (presumably re-enabled afterwards)

    Follow the instructions here at the Wordfence help. You must do this operation manually – to do it automatically requires that the firewall is enabled, which it wont.

    https://www.wordfence.com/help/firewall/optimizing-the-firewall/#remove-optimization-manually

    After doing the business with the files …. NOW you can rebuild the configuration files by ‘clicking here‘ as it says :

    The Wordfence Web Application Firewall cannot run. The configuration files are corrupt or inaccessible by the web server, which is preventing the WAF from functioning. Please verify the web server has permission to access the configuration files. You may also try to rebuild the configuration file by clicking here. It will automatically resume normal operation when it is fixed.

    Then Bob’s your Uncle it works.

    Cheers,
    Brian.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘File “wafRules.rules” does not exist’ is closed to new replies.