Title: FPM/FastCGI – Basic WordPress Protection Problem Last modified: August 9, 2024 --- # FPM/FastCGI – Basic WordPress Protection Problem * Resolved [bioherb](https://wordpress.org/support/users/bioherb/) * (@bioherb) * [1 year, 7 months ago](https://wordpress.org/support/topic/fpm-fastcgi-basic-wordpress-protection-problem/) * Hello, * we have a problem with the “optimize the wordfence firewall”. (FPM 8.1/FastCGI) We added the “auto_prepend_file” automatically with “Aapache + CGI/FastCGI (recommended…) but it still shows the message to configure the WAF. (now over 24 hours ago) * The .htaccess entries were successfully set and the .user.ini was created with the correct path to the “wordfence-waf.php”. I verified the permissions on the files etc., restarted php8.1-fpm and apache2, cleared the cache via wp-rocket and also the OP-Cache.The auto_prepend_file shows up as the Local Value = “/var/ www/[installation_folder]/wordfence-waf.php”.I also testet an echo in the wordfence- waf.php, to see if it gets loaded and it does.Do you have any idea, what the problem could be?It seems to be properly installed and set?WAF Loaded Successfully = YesWAF auto prepend active = No(I already send a report by email with more details of the diagnostics) Viewing 1 replies (of 1 total) * Plugin Support [wfpeter](https://wordpress.org/support/users/wfpeter/) * (@wfpeter) * [1 year, 7 months ago](https://wordpress.org/support/topic/fpm-fastcgi-basic-wordpress-protection-problem/#post-17943829) * Hi [@bioherb](https://wordpress.org/support/users/bioherb/), thanks for reaching out! * Your description of action taken sounds correct for a FPM/FastCGI setup and that you’ve verified the path in **.user.ini** definitely points to where a **wordfence- waf.php** file exists. At first glance the fact `auto_prepend_file` isn’t active sounds like a problem where a host may be denying PHP configuration to its customers. If the syntax below matches the contents of your files, consider briefly checking- in with your host’s support as to whether you have the ability to modify your. htaccess and .user.ini files in this way. * I’ll also include the expected contents for both files in your WordPress root folder below so you can double-check in case anything went wrong. * **.htaccess**: * ```wp-block-code # Wordfence WAF Require all denied Order deny,allow Deny from all # END Wordfence WAF ``` * **.user.ini**: * ```wp-block-code ; Wordfence WAF auto_prepend_file = '/your/path/to/wordfence-waf.php' ; END Wordfence WAF ``` * Let us know how you get on! Peter. Viewing 1 replies (of 1 total) The topic ‘FPM/FastCGI – Basic WordPress Protection Problem’ is closed to new replies. * ![](https://ps.w.org/wordfence/assets/icon.svg?rev=2070865) * [Wordfence Security - Firewall, Malware Scan, and Login Security](https://wordpress.org/plugins/wordfence/) * [Frequently Asked Questions](https://wordpress.org/plugins/wordfence/#faq) * [Support Threads](https://wordpress.org/support/plugin/wordfence/) * [Active Topics](https://wordpress.org/support/plugin/wordfence/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/wordfence/unresolved/) * [Reviews](https://wordpress.org/support/plugin/wordfence/reviews/) ## Tags * [fastcgi](https://wordpress.org/support/topic-tag/fastcgi/) * [firewall](https://wordpress.org/support/topic-tag/firewall/) * 1 reply * 2 participants * Last reply from: [wfpeter](https://wordpress.org/support/users/wfpeter/) * Last activity: [1 year, 7 months ago](https://wordpress.org/support/topic/fpm-fastcgi-basic-wordpress-protection-problem/#post-17943829) * Status: resolved