WordFence Tweaks
WordFence Tweaks
Wordfence is a great security plugin for your WordPress site as it combines a firewall, login security, malware scanning, and other security tools too. If you migrate or create a copy of a site with it enabled though there are some config changes that you need to make in order for the site to work. This is because the full file path to certain files is stipulated in some of the config files and those aren't updated when a site is copied. Check these files if you've got 500 error on your newly copied site and have the following error coming up in your apache error log:
Unknown: open_basedir restriction in effect. File(/home/mysite/public_html/wordfence-waf.php) is not within the allowed path(s): (/home/storm/sites/mywebsite-com/:/home/storm/tmp/mywebsite-com:/tmp) in Unknown on line 0PHP message: PHP Warning: Unknown: Failed to open stream: Operation not permitted in Unknown on line 0PHP message: PHP Fatal error: Failed opening required '/home/mysite/public_html/wordfence-waf.php' (include_path='.:/usr/share/php') in Unknown on line 0'
You'll need to connect to the server, so FTP (guide here for finding your FTP details) or SSH (guide here for finding out SSH details) on to the server and browse to your site's root directory. The 2 files to check are .user.ini and wordfence.waf.
Let's look at the .user.ini first. Open it up to edit it:
Check to make sure that the auto_prepend_file location exactly matches the file path on the server, change if necessary and then save.
Next is the wordfence-waf.php and this one may, or may not need changing. If it displays the full file path and that's wrong, then change it, then save and close.
You just need to wait a few minutes to those changes to work (you may need to clear your browser cache) and then try viewing the site again. If this hasn't resolved the issue then a good place to look for some pointers as to what's going wrong are the error log files. Here's some more information on viewing your log files:
Updated 28 days ago