Hi,
The WAF is a new addition to Wordfence. All of the previous security functionality is still in Wordfence and is available if the WAF is enabled or not. So, in short, you are protected. The WAF is another layer of security.
We have a help document posted that addresses most of the .ini issues we’re seeing. See if this helps. If not, please let us know who you use for hosting and your configuration.
https://docs.wordfence.com/en/Web_Application_Firewall_Setup
Thanks!
Brian
Thread Starter
mnorth
(@mnorth)
Thanks for the first part.
I’ve gone through the entire process detailed in the help document. I’ve looked at all the ini files and they appear to contain the applicable code. The htaccess file does not contain anything related to the WAF.
The thing is, I really don’t know whether WAF is working or not and that the configuration notification is just there for some other reason.
I just looked at the firewall page and I have a notification that the Firewall Status is in ‘Learning Mode’. There is also a notification recommending Learning Mode for a week before enabling the firewall. Is this correct?
When I look at the Diagnostics Page, auto-prepend-file is listed as having ‘no value’.
I’m hosted by an Australian ISP ‘Netregistry’. I’m not sure what you mean by ‘configuration.
Hi,
If auto_prepend_file has ‘no value’, then it’s not fully installed, but should still be running “Basic WordPress Protection”. We have a new document to clarify that here:
Basic vs Extended Protection.
Can you see in the Diagnostics report (using the “Click to view your system’s configuration in a new window ” link again) if user_ini.filename has a value? And also, what is the Server API near the top of the page?
-Matt R
