Support » Plugin: Wordfence Security - Firewall & Malware Scan » Firewall optimization not working or not detected

  • ludekcerny

    (@ludekcerny)


    Hi there,

    first of all, Wordence is an amazing product, thank you for such a complex tool!

    I switched on experimentally PHP-FPM on one site to test performance (rest of the sites uses mod_php). Everything is working as a charm, but I’m facing one issue with Wordfence. Once the environment has been changed, Wordfence offered again option for optimization of FW by auto_prepend_file, this time by .user.ini file. Setup was successful, however Wordfence still offering options for optimization:
    IMG

    And Wordfence > Tools > Wordfence Firewall Current WAF configuration says auto_prepend_file is not active:
    IMG 2

    But phpinfo says it is:
    IMG 3

    I tried to disable other plugins – no luck.
    I tested, if wordfence-waf.php is executed – yes.
    I tried to remove plugin and data a make clean Wordfence installation – no effect.

    Only setting via global php.ini works as expected.

    Huh, I’m pretty confused.

    Thanks in advance for any hint,
    Ludek

    • This topic was modified 2 years ago by ludekcerny.

    The page I need help with: [log in to see the link]

Viewing 4 replies - 1 through 4 (of 4 total)
  • WFGerroald

    (@wfgerald)

    Hey @ludekcerny,

    I spoke with a colleague about this, and here were his thoughts.

    In rare cases, when a host uses PHP-FPM, they may have PHP settings defined in a “pool” file. These settings can override options set in your custom php.ini or .user.ini file. You may need to ask the host if they have settings in the pool file. The default location for the pool file on new Ubuntu servers is similar to /etc/php/7.0/fpm/pool.d/www.conf (depending on the PHP version) and an example of an option that would override your auto_prepend_file option is php_admin_value[auto_prepend_file] = none. If the host is able to remove this option, it should allow your settings to be used for the firewall.

    https://www.wordfence.com/help/firewall/optimizing-the-firewall/troubleshooting/

    Please let me know if this helps.

    Thanks,

    Gerald

    Thread Starter ludekcerny

    (@ludekcerny)

    Hi, thanks for your fast response.

    I have full control over the server, so I checked this rare case before, but IMO this is not my case. When you look at this picture, the file is prepended by local settings: https://pivovarolesna.cz/wp-content/uploads/fw-03.png, but Wordfence tough, it isn’t. My theory is, that Wordfence in not able to detect it properly.

    I tested, if the files:
    /wordfence-waf.php
    /wp-content/plugins/wordfence/waf/bootstrap.php

    are executed and they are! So prepending seems to be working, however Wordfence says no. Strange. If you want to inspect the situation on the server, I can grant you access to the FTP and WP admin. Let me know.

    Cheers.
    Ludek

    Thread Starter ludekcerny

    (@ludekcerny)

    Hi @wfgerald

    Some ideas?
    I tried just execute test.php in the root with this code:
    print_r (ini_get (‘auto_prepend_file’));
    and the output is
    /var/www/pivovarolesna.cz/www/wordfence-waf.php

    I’m really wondering if auto_prepend_file really works and the error is only in wordfence detection.

    BR,
    L.

    Same problem after I switched to Apache2+php7.3-fpm today and WF offered to (re)configure firewall again (as per OP above).

    • I have full control of server.
    • No pool configs. Just commented out default one.
    • “.user.ini” is being read.
    • Paths/files are working/readble and have been re-checked.

    My ‘auto_prepend_file’ shows the wordfence-waf.php if you use the WF tools/diagnostics tab/’Click to view your system’s configuration in a new window’ to get the phpinfo() output. It clearly shows the ‘auto_prepend_file’ is loading and the path is correct/file exists.

    BUT – I still get same offer to optimize waf even after full reload of fpm/apache or rebooted server. I can’t seem to locate the problem. The weird part is I show no ‘auto_prepend” ‘active’ under WF diagnostics/Wordfence Firewall. See screens.

    Some screens-
    https://i.imgur.com/2hIqK9w.png (phpinfo/diag clearly shows it being loaded)
    https://i.imgur.com/O6YvqLu.png (FW diag shows not active – why?)
    https://i.imgur.com/MqQXhUS.png (can do this 100 times – will not load. Files update fine. Will not load fully.)

    Any ideas?

    • This reply was modified 1 year, 9 months ago by 22-7ths.
Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Firewall optimization not working or not detected’ is closed to new replies.