Firewall: Why are you hard coding the file location

  • Resolved garyalderson

    (@garyalderson)


    1 year, 8 months ago

    I have fixed my problem with your php firewall by switching back.
    Unfortunately my ISP changed the NFS file location on me and it took down several of customers and my own website. I had to restore them all from backup. Not a pleasant experience. The problem happened as a direct result of AIOS PHP Firewall’s file names being hard coded in the wp-config.php file which was inserted by AIOS. Really guys, total rookie mistake.

    Why do you not base your directory dynamically on known and well used WP constants such as ABSPATH ?

Viewing 1 replies (of 1 total)
  • Plugin Support aporter

    (@aporter)

    Hi,

    Sorry to hear that, the AIOS firewall runs before WordPress is loaded as a result we have no access to dynamic constants like ABSPATH.

    I don’t think the code in the wp-config.php caused your problem as that has a file exists check.

    I think the issue you may have had is with PHP auto_prepend_file directive which is just a PHP config (text file) that points to other various files, we use this this to be able to load our firewall as soon as PHP starts and allows us to prevent WordPress from even loading if the request is malicious.

    Even though we pass auto_prepend_file a file path that uses ABSPATH, this just gets converted into a absolute path to be put into the PHP config file.

    Best Wishes,

    Ashley

Viewing 1 replies (of 1 total)
  • The topic ‘Firewall: Why are you hard coding the file location’ is closed to new replies.