Hi @golddragon!
The fix that you mention as number 4 should have worked since it would prevent Wordfence Firewall from loading on the sendy site, assuming the sendy site is located in a subdirectory of your iuoss site.
Did you optimize the Firewall in the iuoss site using a .user.ini setup or did you optimize it some other way? It’s possible that your site isn’t using .user.ini at all and that your optimization was done via .htaccess instead for example. Then the auto_prepend_file override would have to be done via .htaccess instead.
Let me know what you think!
My files:
– .htaccess:
ErrorDocument 404 "[404 error] If you're seeing this error after install, check this FAQ for the fix: https://sendy.co/troubleshooting#404-error"
Options +FollowSymLinks
Options -Multiviews
RewriteEngine On
RewriteCond %{SCRIPT_FILENAME} !-d
RewriteCond %{SCRIPT_FILENAME} !-f
RewriteRule ^([a-zA-Z0-9-]+)$ $1.php [L]
# Link tracker
RewriteRule ^l/([a-zA-Z0-9/]+)$ l.php?i=$1 [L]
# Open tracker
RewriteRule ^t/([a-zA-Z0-9/]+)$ t.php?i=$1 [L]
# Web version
RewriteRule ^w/([a-zA-Z0-9/]+)$ w.php?i=$1 [L]
# unsubscribe
RewriteRule ^unsubscribe/(.*)$ unsubscribe.php?i=$1 [L]
# subscribe
RewriteRule ^subscribe/(.*)$ subscribe.php?i=$1 [L]
– .user.ini
auto_prepend_file = none
Sorry, I’m not familiar this much. Is it correct ?
Hi @golddragon!
In the site where you have Wordfence installed, if you have optimized the firewall you will have the auto_prepend_file set to wordfence-waf.php either in .htaccess directly or in .user.ini. For iuoss, do you have auto_prepend_file set in .user.ini?
my main web where is Wordfence installed, I have file .htaccess:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
# Wordfence WAF
<IfModule mod_php5.c>
php_value auto_prepend_file '/var/www/oss/students/wordfence-waf.php'
</IfModule>
<Files ".user.ini">
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
Order deny,allow
Deny from all
</IfModule>
</Files>
php_value upload_max_filesize 128M
php_value post_max_size 128M
php_value max_execution_time 300
php_value max_input_time 300
# END Wordfence WAF
There is no file .user.ini
Hi @golddragon!
Ok so that explains why the .user.ini override in the subfolder isn’t working. Your site doesn’t use that file type. Your Firewall configuration only uses .htaccess.
To prevent the Firewall from loading in the subfolder you should then add in your .htaccess in the subfolder
<IfModule mod_php5.c>
php_value auto_prepend_file none
</IfModule>
Let me know if that works!
It worked.
Thank you so much 😀
That’s great news thanks for letting me know!
Hope you have a great weekend.
