Extended Protection Installation issues

  • sdturnbull

    (@sdturnbull)


    8 years, 10 months ago

    Hi,

    I’ve installed Wordfence just fine on my clients’ site. However, I cannot configure extended protection.

    It’s an Apache host and the setup sees it as suPHP. PHP version is 5.6

    The wordfence WAF file gets created just fine and the .htaccess file is writeable – Wordfence actually writes the following to it:

    # Wordfence WAF

    # END Wordfence WAF

    As you can see, there is nothing between the comment files.

    If adding some code manually between the comments is what’s recomended, I can do that as I have FTP access, but I don’t have access to the host php.ini file.

    This is the first time I’ve experienced this issue, so at a bit of a loss what to do…

    Thanks
    Steve

Viewing 10 replies - 1 through 10 (of 10 total)
  • wfyann

    (@wfyann)

    8 years, 10 months ago

    Hi @sdturnbull,

    Could you please check that the setting specified for the optimization is consistent with your actual configuration. In order to find out which Firewall setup you should be using:

    • Go to the Wordfence Tools page
    • Click the Diagnostics tab
    • In the Other Tests section (near the bottom of the page), click the link that reads “Click to view your system’s configuration in a new window“. This will open a Wordfence System Info page

    Check the Server API field. Is it consistent with the parameter which is “Recommended based on our tests“?

    Thread Starter sdturnbull

    (@sdturnbull)

    8 years, 10 months ago

    Thanks for your reply and sorry for the late response.

    I did as you suggested and it turns out that the sever config is CGI/FastCGI (no suPHP)

    I tried using this configuration but it still refuses to commit a change. I left it for about 15 minutes before refreshing the page, and still not working.

    Thread Starter sdturnbull

    (@sdturnbull)

    8 years, 10 months ago

    Also, for info, I’ve added a .user.ini file with 664 permissions in teh root folder. Still not working.

    wfyann

    (@wfyann)

    8 years, 10 months ago

    Hi @sdturnbull,

    Could you try and manually remove the firewall setup and then carry out the optimization procedure again?

    Thread Starter sdturnbull

    (@sdturnbull)

    8 years, 10 months ago

    Hi

    I’ve done just that – deactivated the firewall after saving the settings to remove config entries as per instructions, deleted and reinstalled the plugin (via Plugin manager)

    This time (with empty .php.ini, .user.ini and WAF comments removed from.htaccess) I ran the setup once more. Gace it 5 mins, refreshed but still no joy…

    For info, using the latest version of WF and WordPress 4.8.1

    wfyann

    (@wfyann)

    8 years, 10 months ago

    Hi @sdturnbull,

    Has the .user.ini file been updated with the Wordfence firewall information?

    In such case, please check the .user.ini file for an entry before our WAF code that says this:

    ini_set('output_buffering', 0);

    Remove or comment out this line and try moving the protection to “Enabled and Protecting”.

    Also, if you’re on SiteGround or another similar hosts that use cPanel, please look into this article in order to set the “auto_prepend_file” environment variable.

    Thread Starter sdturnbull

    (@sdturnbull)

    8 years, 10 months ago

    Hi @wfyann

    No, the .user.ini file remains blank. This time, the .htaccess file is also left untouched (but I’ve only tried the Fast CGI method)

    Could I manually add some setting? If so, what might they be?

    Another thought. I previously had Sucuri installed, but removed it before installing Wordfence. Could that have any bearing on this issue?

    Thanks

    wfyann

    (@wfyann)

    8 years, 9 months ago

    Hi @sdturnbull,

    In case you’re using cPanel, you could try and set the “auto_prepend_file” environment variable.

    Are you getting any errors (for example, in the web server log) indicating an issue with write permissions?

    Thread Starter sdturnbull

    (@sdturnbull)

    8 years, 9 months ago

    Hi,

    Once again, sorry for the delayed reply…

    I have created a php.ini file (remember this is a Apachi _ Fast/CGI server) with 664 permissions and added the correct path to the Wordfence waf file:

    auto_prepend_file = ‘/var/www/web/wordfence-waf.php’

    Still no joy…

    Could an old – now removed – install of Sucuru be causing issues – i.e. with left over files??

    Thanks
    Steve

    wfyann

    (@wfyann)

    8 years, 9 months ago

    Hi @sdturnbull,

    A php.ini file already exists in your environment. It is created when PHP is installed.

    If you want to check where that file is located:

    • Go to the Wordfence Tools page
    • Click the Diagnostics tab
    • In the Other Tests section (near the bottom of the page), click the link that reads “Click to view your system’s configuration in a new window“. This will open a Wordfence System Info page
    • Check the value associated with the “Loaded Configuration File” parameter

    Also could you please make sure your hosting provider supports the “auto_prepend_file” directive.

    I don’t think the issue is related to the old – now removed – install of Sucuri. Looking into the web server log file could help identify the cause.

Viewing 10 replies - 1 through 10 (of 10 total)

The topic ‘Extended Protection Installation issues’ is closed to new replies.