Title: Firewall server config setting for WP Engine? Last modified: September 30, 2019 --- # Firewall server config setting for WP Engine? * [vitsippa](https://wordpress.org/support/users/vitsippa/) * (@vitsippa) * [6 years, 7 months ago](https://wordpress.org/support/topic/firewall-server-config-setting-for-wp-engine/) * Hi, I am happy Wordfence and WP Engine is now compatible! I just installed Wordfence, and will let Firewall be in Learning mode for a couple of days. But after that I am not certain which server configuration setting to choose for the Firewall, when on WP Engine? * You write about WP Engine being a special case: [https://www.wordfence.com/blog/2019/08/wordfence-now-works-on-wp-engine-and-with-load-balancers/](https://www.wordfence.com/blog/2019/08/wordfence-now-works-on-wp-engine-and-with-load-balancers/)_“ Site owners do not have to change anything. Wordfence will detect your WP Engine installation and make the required configuration change to activate the MySQL storage engine for the firewall.”_ * But will I still have to choose a web server config from your list? _“If you know your web server’s configuration, please select it from the list below.”_ And do you know if it is correct to choose NGINX for WP Engine? * Or will the Firewall choose the right web server config automatic after the 7 days learning mode?? Viewing 6 replies - 1 through 6 (of 6 total) * [wfdave](https://wordpress.org/support/users/wfdave/) * (@wfdave) * [6 years, 7 months ago](https://wordpress.org/support/topic/firewall-server-config-setting-for-wp-engine/#post-11983984) * Hi [@vitsippa](https://wordpress.org/support/users/vitsippa/), * The blog post describes changes made to Wordfence’s Storage Engine. The setting for optimizing your firewall still needs to be manually selected by you. * **Wordfence’s Storage Engine** * > When Wordfence updates the rules for the firewall, they are placed within `/ > wp-content/wflogs/*`. > However, on websites that have a static file-system, Wordfence is unable to > write to that directory. The developers got around this by moving the rules > into the database. > By default, Wordfence will still use the folder `/wp-content/wflogs/*` to store > its rules, but if it detects that you’re using WP Engine, it will use the database > instead. * A different setting, is when you’re trying to optimize the firewall. Wordfence uses various files (such as `.htaccess` or `.user.ini`) to make sure that traffic is routed through the application firewall. * WP Engine uses mod_php, as per this article that says `WP Engine stack uses Apache2 and mod_php`. * [https://code.tutsplus.com/tutorials/the-benefits-of-wp-engine-developer-tools–cms-25471](https://code.tutsplus.com/tutorials/the-benefits-of-wp-engine-developer-tools–cms-25471) * So after selecting `mod_php`, WAF should be enabled on your website. * Dave * Thread Starter [vitsippa](https://wordpress.org/support/users/vitsippa/) * (@vitsippa) * [6 years, 7 months ago](https://wordpress.org/support/topic/firewall-server-config-setting-for-wp-engine/#post-11985281) * Thank you, just to be sure: So the support at the web hotel that told me I should choose “NGINX” in your list was not correct. The right choice in your firewall web server config list is “Apache mod_php”, when using Wordfence together with WP Engine? And after that the rest will work automatic? * [wfdave](https://wordpress.org/support/users/wfdave/) * (@wfdave) * [6 years, 7 months ago](https://wordpress.org/support/topic/firewall-server-config-setting-for-wp-engine/#post-11986106) * Hi again, * I did another search and noticed that WP Engine has a logo of NGINX on this page: [https://wpengine.com/technology/](https://wpengine.com/technology/) * So choosing NGINX for the optimization should be the right choice. After that, stuff like rate limiting or brute force rules will work normally. * Dave * Thread Starter [vitsippa](https://wordpress.org/support/users/vitsippa/) * (@vitsippa) * [6 years, 7 months ago](https://wordpress.org/support/topic/firewall-server-config-setting-for-wp-engine/#post-11986125) * Good, I will choose NGINX, thank you for taking the time to help me! * So the support was right, that is also good to know 🙂 This is new to everyone and I could not find any specific info about it anywhere, so just wanted to be sure. * Question solved. * [nlebrozec](https://wordpress.org/support/users/nlebrozec/) * (@nlebrozec) * [6 years, 7 months ago](https://wordpress.org/support/topic/firewall-server-config-setting-for-wp-engine/#post-11997541) * Hi there, * Have the same concern here as we use WP Engine and Wordfence. According to WP Engine Support, we should choose Apache + mod_php. That’s what I’ve done so far… Unfortunately, even if the .htaccess file has been modified accordingly it seems some problems are here based on the Diagnostics page. Checking if web server can read from ~/wp-content/wflogs -> File “attack-data.php” does not exist, File “ips.php” does not exist, File “config.php” does not exist, File “rules. php” does not exist * And that’s true, these files do not exist in the wflogs folder. * I thought about permission issues but it seems that the web server user (wpe- user) is the same as the owner of the wflogs folder. * Running a WP CLI command generates a PHP Warning saying the rules.php file is missing, which is correct. * How can we get those files to be put in the wflogs folder as mine is empty apart from a “GeoLite2-Country.mmdb”. * I’ve also tried to delete this folder and every time it’s generated again, still none of the expected PHP files are present. * Any guidance is welcome to fix this and make sure the extended WAF is correctly working on WP Engine. * Regards, Nico * [cwtmcmanus](https://wordpress.org/support/users/cwtmcmanus/) * (@cwtmcmanus) * [6 years, 5 months ago](https://wordpress.org/support/topic/firewall-server-config-setting-for-wp-engine/#post-12205359) * I just talked to WP Engine support and I was told to use “apache + mod_php”. * > I was able to get confirmation on what the setting needs to be. You’ll need > to set it to “apache + mod_php” as this is what WordPress is running on here. * – Tom Viewing 6 replies - 1 through 6 (of 6 total) The topic ‘Firewall server config setting for WP Engine?’ is closed to new replies. * ![](https://ps.w.org/wordfence/assets/icon.svg?rev=2070865) * [Wordfence Security - Firewall, Malware Scan, and Login Security](https://wordpress.org/plugins/wordfence/) * [Frequently Asked Questions](https://wordpress.org/plugins/wordfence/#faq) * [Support Threads](https://wordpress.org/support/plugin/wordfence/) * [Active Topics](https://wordpress.org/support/plugin/wordfence/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/wordfence/unresolved/) * [Reviews](https://wordpress.org/support/plugin/wordfence/reviews/) ## Tags * [firewall](https://wordpress.org/support/topic-tag/firewall/) * [wpengine](https://wordpress.org/support/topic-tag/wpengine/) * 6 replies * 1 participant * Last reply from: [cwtmcmanus](https://wordpress.org/support/users/cwtmcmanus/) * Last activity: [6 years, 5 months ago](https://wordpress.org/support/topic/firewall-server-config-setting-for-wp-engine/#post-12205359) * Status: not resolved