Thread Starter
acekin
(@acekin)
I am hoping someone will answer this question. I have also checked the system configuration, the auto_prepend_file points to the correct wordfence-waf.php file. Is this a case where all is fine except the signal sent for wrong configuration is wrong?
Cemal
Hi Cemal,
Sorry for my late reply, I checked your website and I can see you are using Cloudflare on nginx server, could you please confirm that?
Also, are you sure you selected the correct server configuration during “Firewall Setup“? and may I know which hosting provider are you using?
I want also to make sure you have gone through these common reasons for firewall setup failure.
Let me know how it goes,
Thanks.
Thread Starter
acekin
(@acekin)
Thank you, I am behind CloudFlare, you saw the ngnx part, what can I do to try and fix the setup. By the way, for various reasons I disconnected from CloudFlare a couple of times, and made sure that I changed the setting fro WF to get the IP in the best way but the incorrect configuration message never disappeared.
As I wrote in my second post here, I checked the server settings and found the variable pointing to the right folder and file. I have read through the document, that’s how I found how to check the server settings. Let me know if there is anything else, or can I leave the firewall setting broken, if it indeed is, while the rest of Wordfence functioning properly.
By the way, I looked at the firewall page, it says firewall status is enabled and protecting despite the message on top of the screen. Obviously one of them is wrong.
Thank you,
Cemal
-
This reply was modified 9 years, 4 months ago by
acekin.
Please go to (Wordfence > Diagnostics) and scroll down the page till “Send Report by Email” and send the report to “alaa [at] wordfence [dot] com”, make sure to include your forum username, I will take a look at this report and let you know my findings.
Also, you can share a screenshot of “Firewall” page with the same email above.
One last thing to try is to “Remove Extended Protection” and “Reconfigure the firewall” again.
Let me know how it goes,
Thanks.
Hi Cemal,
Based on the info I got via email, I can see “auto_prepend_file” value in “php.ini” file is empty, and I couldn’t see that “.user.ini” is loaded in “Additional .ini files parsed”.
May I know which hosting provider are you using? because you will need to get in contact with them regarding this issue, perhaps they have a custom configuration prevents loading “.user.ini” files or something else.
Also, while configuring the Firewall, are you sure “Apache + CGI/FastCGI” was selected?
Thanks.
Thread Starter
acekin
(@acekin)
Hello again, and thank you for staying with me. Via e-mail I will send you the contents of the files mentioned along with folder info etc.
My hosting provider is DailyRazor.com. Shall I ask them whether the user.ini is loading or not? Perhaps I can check it from my cpanel? All said, if WFFW was not running at all, would it still have files with today’s date in the logs folder?
When I first configured the Firewall, I accepted the default choice because it was best based on your experience. I will be glad to remove Wordfence, delete all the files and tables, start from scratch. Take a look at the mail I am sending you as well.
Cemal
Hi,
If you go to (Wordfence > Diagnostics) and clicked on “Click to view your system’s configuration in a new window“, you can see that “auto_prepend_file” has no value and “Additional .ini files parsed” doesn’t have your “.user.ini” file although you have set up everything correctly as I can see, that’s why I suggest contacting your web host regarding this issue.
Thanks.
Thread Starter
acekin
(@acekin)
Hello,
I checked again, and the “Local” value is filled with the correct path and file name but the master value is empty. Is that supposed to have the same path information? I will contact my hosting company and inquire about the ini files. I understand the .user.ini is the file that needs to be processed.
Thank you for your assistance, once I hear from the hosting tech support and try their suggestion I will update this post.
Cemal
Thread Starter
acekin
(@acekin)
Hi,
I gave my hosting company support an admin level user ID and they sent the following message (folder and path are redacted):
————————————————
We can now assure you that the following lines in your file /domain.com/.user.ini:
; Wordfence WAF
auto_prepend_file = ‘/xxx/yyyy/public_html/zzzzz/wwwww/wordfence-waf.php’
; END Wordfence WAF
max_execution_time = 120
are successfully parsed by PHP. You can view them here – keptlight.com/phpinfo.php
Moreover, your Wordfence firewall works out properly. You can ignore the warning you get in your WP-admin.
Should you have any questions, do not hesitate to contact us, we are available 24/7.
————————————————
So, was it a cosmetic artifact left on the dashboard the source of my chasing this red herring?
Thanks,
Cemal
-
This reply was modified 9 years, 4 months ago by acekin.
Hi Cemal,
Back to this one after further investigations, I can see “auto_prepend_file” is defined correctly now on your server, but I noticed that accessing the “wflogs” directory on your website via this link “your-website.com/subdir/wp-content/wflogs/” leads to “404 not found” page, that’s not normal and I doubt this could be the reason why the firewall configurations aren’t loaded correctly, I suggest checking “.htaccess” file for any rule there that might be causing this issue, or simply report this one to your web host as this isn’t the default behavior.
Thanks.
Thread Starter
acekin
(@acekin)
Ah-ha! I restrict access to wp-content in robots.txt file and allow access to specific folders. I will add the wflogs to the allowed side.
While trying to trouble shoot for another plugin, I disabled many plugins and deleted them along with their data. After that, I installed Wordfence again and this time it went through with no error messages at all; I thought all was good! Thanks for the deeper look, I will fix that folder access issue.
Thank you,
Cemal
-
This reply was modified 9 years, 4 months ago by acekin.
