Activate Full WAF on Hetzner Webhosting with PHP 8

Can you add the directive for PHP 8 to your .htaccess and then run the troubleshooter script:
https://nintechnet.com/share/wp-check.txt

Hey, I just did that. Here’s the relevant part (I masked the paths with […]):

HTTP server	:	Apache
PHP version	:	8.2.23
PHP SAPI	:	CGI-FCGI

auto_prepend_file	:	none
.htninja	:	found in […]/.htninja
wp-config.php	:	found in […]/wp-config.php
NinjaFirewall detection	:	NinjaFirewall WP Edition is loaded (WordPress WAF mode)

Loaded INI file	:	/home/httpd/php82-ini/[…]/php.ini
user_ini.filename	:	none
user_ini.cache_ttl	:	300 seconds
User PHP INI	:	php.ini found -
 	 	 
DOCUMENT_ROOT	:	[…]
ABSPATH	:	[…]
WordPress version	:	6.6.2
WP_CONTENT_DIR	: […]/wp-content
Plugins directory	:	[…]/wp-content/plugins
User Role	:	Administrator
User Capabilities	:	manage_options: OK - unfiltered_html: OK
Log dir permissions	:	[…]/wp-content/nfwlog dir is writable
Cache dir permissions	:	[…]/wp-content/nfwlog/cache dir is writable

Can you ask your host how/where to add the PHP auto_prepend_file directive? That’s very odd that it stopped working with PHP 8. Or maybe there’s a new option in your hosting admin panel where you can add the directive?

I created a ticket and just received a response that Hetzner can manually set this in the PHP.ini for each account. I also asked if there’s any way to make the change myself, but haven’t received an answer on that yet. Creating a support ticket with Hetzner for each site is a bit tedious. I’ll post an update here once Hetzner gets back to me.

I just received the response. Hetzner no longer uses mod_php (at least not from PHP 8 onwards). The setting simply needs to be added without the “IfModule mod_phpX.c” directive ??

Just write it like

# BEGIN NinjaFirewall
php_value auto_prepend_file "[…]/wp-content/nfwlog/ninjafirewall.php"
# END NinjaFirewall