Optimizing WordPress Firewall

  • Resolved indelg1

    (@indelg1)


    11 months, 1 week ago

    I am trying to optimize the WOrdpress firewall. I am not exactly sure of the procedure but I am trying to step through the process. When I am in WordPress I press the ‘OPTIMIZE WORDPRESS FIREWALL BUTTON’ and I get the following message.

    To make your site as secure as possible, the Wordfence Web Application Firewall is designed to run via a PHP setting called auto_prepend_file, which ensures it runs before any potentially vulnerable code runs. This PHP setting is currently in use, and is including this file:/usr/home/scaiso/public_html/scanner/WP/malcare-waf.php

    I am not familiar with the file mentioned above. But that may be ok as many things were installed before I actually started maintaining the site. We have JetPack installed and we use other features from that but not any firewall or security features. For security we use Wordfence.

    How should I proceed in optimizing the firewall?

    Greg Indelicato

    The page I need help with: [log in to see the link]

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Support wfphil

    (@wfphil)

    11 months, 1 week ago

    Hi @indelg1

    If your site is hosted at Cloudways then you will need to disable the Bot Protection feature below on your hosting account:

    https://www.cloudways.com/blog/announcing-bot-protection/

    Once it is disabled then you will be able to optimize the firewall in our plugin and it will stay optimized.

    Thread Starter indelg1

    (@indelg1)

    11 months, 1 week ago

    Our site is not hosted by Cloudways. Our host is PAIR Networks. Is there anything else it might be? I would like to optimize the firewall.

    Greg

    Plugin Support wfphil

    (@wfphil)

    11 months, 1 week ago

    Hi @indelg1

    Thank you for the update.

    Please send your Wordfence diagnostics report.

    Update to the latest version of Wordfence if you haven’t already done so.

    Please send your Wordfence diagnostics report. Go to the top of the “Diagnostics” tab on the Wordfence “Tools” page. There will be a “SEND REPORT BY EMAIL” button to send the diagnostics report. Enter wftest [at] wordfence [dot] com as the email and indelg1 as the forum username please.
    Once you have emailed me the diagnostics report can you reply here to let me know that it has been sent. This is important in the unlikely event that your installation of WordPress is having an issue with sending mail.

    Thread Starter indelg1

    (@indelg1)

    11 months, 1 week ago

    I sent the diagnostics report and received the message “Diagnostic report has been sent successfully”. So you should receive it shortly.

    Greg Indelicato

    Plugin Support wfphil

    (@wfphil)

    11 months, 1 week ago

    Hi @indelg1

    You might be able to optimize the firewall using the INCLUDE button. However, if after some time the firewall switches back to Basic WordPress Protection then you can ask your hosting provider if they can disable Malcare from permanently using the auto_prepend_file PHP directive and you will then be able to optimize the firewall again and it will stay optimized.

Viewing 5 replies - 1 through 5 (of 5 total)

The topic ‘Optimizing WordPress Firewall’ is closed to new replies.