judehall

Forum Replies Created

Viewing 1 replies (of 1 total)
  • Forum: Plugins
    In reply to: [Wordfence Security - Firewall, Malware Scan, and Login Security] Suggestion for WP_HTTP_Proxy Support in Wordfence Plugin
    judehall

    (@judehall)

    11 months, 3 weeks ago

    We’re experiencing the same issue.
    We’ve configured our proxy in wp-config.php using WP_PROXY_HOSTWP_PROXY_PORT, etc. Most outbound requests from Wordfence respect this setup, but rule updates consistently fail.

    After monitoring traffic with tcpdump, we confirmed that Wordfence does not use the proxy for its rule update requests.

    As a very temporary workaround that only works for our use-case, we modified the wfWAFHTTPTransportCurl class (located at /vendor/wordfence/wf-waf/src/lib/http.php) to explicitly set our proxy in the cURL request. Around line 357, we added:

    curl_setopt($ch, CURLOPT_PROXY, 'MY_PROXY_HOST');
    curl_setopt($ch, CURLOPT_PROXYPORT, 'MY_PROXY_PORT');
    curl_setopt($ch, CURLOPT_PROXYUSERPWD, 'MY_USERNAME:MY_PASSWORD');

    We don’t recommend editing plugin files as a long-term solution, but this was necessary to get rule updates working in our environment.

    Notably, there’s a @todo Proxy settings comment at the top of the wfWAFHTTPTransportCurl class, which suggests the Wordfence team is aware of this limitation. Hopefully, it’ll be addressed in a future update.

Viewing 1 replies (of 1 total)