Wordfence Firewall Optimization on Flywheel

  • Resolved lakewebworks

    (@lakewebworks)


    2 years, 5 months ago

    Hello, we use Flywheel (getflywheel.com) for hosting, and need guidance on how to optimize the Wordfence firewall in the Flywheel environment.

    When initiating the procedure, we see this:

    To make your site as secure as possible, the Wordfence Web Application Firewall is designed to run via a PHP setting called auto_prepend_file, which ensures it runs before any potentially vulnerable code runs. This PHP setting is currently in use, and is including this file:

    /flywheel/prepend-script.php

    Flywheel also keeps a tight lock on the root directory (it’s a managed WordPress setup that only provides the end-user with access to the /wp-content folder; the rest seems pretty locked down).

    I’ve reviewed https://www.wordfence.com/help/firewall/optimizing-the-firewall/, but still can’t figure how to proceed in this case. Any guidance would be appreciated. Thanks!

Viewing 1 replies (of 1 total)
  • Plugin Support wfphil

    (@wfphil)

    Hi @lakewebworks

    You can try this.

    1) Create a wordfence-waf.php file in the root directory where WordPress is located – this is the same directory where your WordPress wp-config.php configuration file is located.

    2) Add this block of code to the wordfence-waf.php file:

    <?php
// Before removing this file, please verify the PHP ini setting <code>auto_prepend_file</code> does not point to this.

if (file_exists('/www/wp-content/plugins/wordfence/waf/bootstrap.php')) {
define("WFWAF_LOG_PATH", '/www/wp-content/wflogs/');
include_once '/www/wp-content/plugins/wordfence/waf/bootstrap.php';
}

    3) Create a .user.ini server configuration file in the root directory where WordPress is located – this is the same directory where your WordPress wp-config.php configuration file is located.

    4) Add this block of code to the .user.ini file:

    ; Wordfence WAF
auto_prepend_file = '/www/wordfence-waf.php'
; END Wordfence WAF

    You may have to wait up to 5 minutes for the firewall to optimize.

Viewing 1 replies (of 1 total)
  • The topic ‘Wordfence Firewall Optimization on Flywheel’ is closed to new replies.