It says:
Server API CGI/FastCGI
Ok, so if you have the .user.ini that should be the correct setup and you tried printing out a DIV from wordfence-waf.php and yeah, that should be proof enough that the Firewall is indeed loading.
Just to make sure, are you using the latest version of WordPress and Wordfence?
Yes, latest version of wordpress and wordfence.
Every time I load the firewall page I still see
To make your site as secure as possible, take a moment to optimize the Wordfence Web Application Firewall:
However the Firewall status says: Enabled and Protecting.
If I go to live traffic and view Blocked by Firewall, there is never any reports of traffic being blocked. That list is always empty.
So at this point I am not sure whether the firewall is working or not.
On the Firewall page does it say “Protection Level: Extended Protection” or “Basic Protection”?
Protection Level: Basic WordPress Protection
Hello again and sorry for the late reply,
if it says “Basic” that means it’s not working. Unfortunately I can’t think of anything more to check. You have verified that the file is loading correctly but it’s still not loading correctly. Quite mind boggling this one. π
I suppose you could use the method you already tried and track the loading further. Try echoing something from “/wp-content/plugins/wordfence/waf/bootstrap.php”?
It could possibly also be some junk in your settings/database so unless you have tried a fresh install of the plugin (removing Wordfence tables from the database first) that might be an idea.
Hi,
I’ still trying to get this working, I took a look in bootstrap.php but I’m not sure what I could instrument there.
You indicated that if I see
‘Basic WordPress Protection’ then that indicates that the Firewall is not working, why does the firewall summary page not simply say something more explicit?
The firewall page say:
Protection Level: Basic WordPress Protection
Firewall Status: Enabling and Protecting
But from what you are saying this actually means
Protection Level: Basic WordPress Protection
Firewall Status: Not working
Can you confirm this because I am looking for something that is a definitive indicator of the firewall not working, I was then going to work backwards through the code to see why the firewall was being flagged as not working. Is this a reasonable approach or is there a suitable point in bootstrap that I should instrument?
Hi again,
Basic protection means the Firewall is not loading as quickly as it could. It is still protecting you but bot to the fullest extent. Correctly configured the Firewall will load before any other code loads on your site which means that it will be able to catch threats sooner.
When I said “Basic” means it’s not working I was referring to the Firewall configuration process that is meant to give your Firewall the extended protection. I did not mean that the Firewall is not working at all.
If your site is loading wordfence-waf.php via a prepend_file directive in .htaccess/.user.ini you should have Extended protection. That is the essential function of Extended protection.
Hi Wfasa,
I really appreciate your feedback, but its still unclear to me whether the firewall is actually working.
I know from inserting debug code
<div style='display:none;'> MyCheck </div>
into wordfence-waf.php
that my site is loading wordfence-waf.php via a prepend_file directive in .htaccess/.user.ini.
You indicate that this means I should have extended protection. So does a normally working fire wall have a Protection Level: Extended WordPress Protection?
I never see any entries in ‘Blocked by Firewall’ category of the live traffic view.
Am I really lucky or is this what one would expect.
Hi again,
to what extent you are being attacked with queries that would be blocked by the Firewall depends on several factors. It depends on the language you use on your website. In my experience I get more attacks on WordPress sites that are in English than WordPress sites that are in Swedish for example. If you are using other (server side) security software it’s also possible that requests are being blocked even before they reach Wordfence.
On my own site I see the firewall blocking something a couple of times per day.
I am big fan of Wordfence but it is taking very hight server bandwiths on my blog https://onlinejuction.net. Is there any idea to reduce ?
