Plugin Support
wfphil
(@wfphil)
Hi @gesineli
I would like to have a look at your Wordfence diagnostics report. Please go to the top of the “Diagnostics” tab on the Wordfence “Tools” page. There will be a “SEND REPORT BY EMAIL” button to send the diagnostics report. Enter wftest [at] wordfence [dot] com as the email and gesineli as the forum username please.
Once you have emailed me the diagnostics report can you reply here to let me know that it has been sent. This is important in the unlikely event that your installation of WordPress is having an issue with sending mail.
Diagnostics Report has been sent successfully. 🙂
Plugin Support
wfphil
(@wfphil)
Hi @gesineli
It appears that Wordfence can’t write code to the main .htaccess file in the document root directory where WordPress is installed.
If you are not sure what to do with the instructions below then your hosting provider may be happy to help you.
On the Wordfence Tools >> Diagnostics page expand the Wordfence Firewall section.
On the line wordfence-waf.php path, copy the full file path for the wordfence-waf.php file.
For example it will look something like:
/absolute/file/path/to/wordfence-waf.php
Now add this code below to the main .htaccess file in the document root directory where WordPress is installed. Note that you must update the correct file path for your server that you found earlier.
# Wordfence WAF
<IfModule mod_php7.c>
php_value auto_prepend_file '/absolute/file/path/to/wordfence-waf.php'
</IfModule>
# END Wordfence WAF
The firewall should now be optimized and the Protection Level will say Extended Protection.
Hi wfphil,
thanks for your reply! The absolute path showed in the diagnostics tab is /home/…/…/wordfence-waf.php. Do I get you right that the code snippet you provided with your last post has to be added to the .htaccess file of the home folder in this case?
In the home folder a .htaccess file already exists but it is empty at the moment. So should I just add the code snippet in there?!
Thanks for your help – much appreciated!!
Gesine
-
This reply was modified 4 years, 12 months ago by
gesineli.
Plugin Support
wfphil
(@wfphil)
Hi Gesine
Thank you for the update.
The name of the directory where WordPress is installed is actually named wordpress so you would enter the required code in the .htaccess file in the directory named wordpress.
Hope that helps.
Thanks a lot for your reply.
in the .htaccess file of the wordpress folder there is already some WF code inserted. Im am not sure wheather to delete the existing one and replace it with the new one you gave me or to add the new snippet to the existing one?!
This is the code which already exists:
# Wordfence WAF
<Files ".user.ini">
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
Order deny,allow
Deny from all
</IfModule>
</Files>
# END Wordfence WAF
-
This reply was modified 4 years, 11 months ago by gesineli.
-
This reply was modified 4 years, 11 months ago by gesineli.
Plugin Support
wfphil
(@wfphil)
Hi @gesineli
Thank you for the update.
Keep the code that you posted and add the additional code I gave you.
Hi @wfphil
Thanks a lot for your help! With the code snippet you provided I could activate the extended protection level!
Best regards
Gesine
Plugin Support
wfphil
(@wfphil)
Hi @gesineli
Thank you for the good news!
