OLS Wordpress + Wordfence config?

#1
I'm using PHP 7.3 on my WP blog. I read from this thread that the format should be like this:

auto_prepend_file = "/home/mysite.com/public_html/wordfence-waf.php"

I tried it and fail. Please tell me step by step on how to implement Wordfence on OLS based Wordpress.
 
#3
It's fixed now. I should have entered the code on the lower line.

Thank you for helping me (in)directly by pointing the php info page.
 
#4
I have the same problem with open lite speed however I have multiple sites so I cannot edit the main php.ini, instead I have edit the vhost for the particular website in cyberpanel with the following code:

phpIniOverride {
auto_prepend_file = "/home/????????????.com/public_html/wordfence-waf.php"
php_value display_errors "OFF"
php_value upload_max_filesize "200M"
php_value post_max_size "250M"
}

It changes all the other settings, have checked by looking at the info.php but it does not change the auto_prepend_file ?

Please Help.
 
#5
Hi @chaselifetech

I use Cyberpanel with OpenLiteSpeed, too. And I also host multiple domains on my VPSes. All of them are using Wordfence. This is how I did it:
First of all, install Wordfence on all of your websites on the same VPS. After that, let it generate all of Wordfence files on your sites by following the usual Wordfence firewall's guidance by a couple of clicks..

Now, here comes the fun part:
1. Login to your Cyberpanel. Under Server -- PHP -- click on Edit PHP Configs.
2. You'll have 2 options: Basic & Advanced. Choose Advanced.
3. Select your PHP version. Right now, all my websites are using PHP 7.3. So, I choose that one.
4. Under:
Code:
; Automatically add files before PHP document.
; http://php.net/auto-prepend-file
Insert:
Code:
auto_prepend_file = "/home/1stdomain.tld/public_html/loader.php"
Replace 1stdomain.tld with the domain that you want to use. After that, click "Save Changes"
....
Now, create loader.php file in your first domain which contains:
Code:
<?php
// Prepend the firewall for 1stdomain.tld:
if (strpos($_SERVER['SCRIPT_FILENAME'], '/home/1stdomain.tld/public_html') !== false) {
   // Load the firewall:
   require('/home/1stdomain.tld/public_html/wordfence-waf.php');

// Prepend the firewall for 2nddomain.tld:
} elseif (strpos($_SERVER['SCRIPT_FILENAME'], '/home/2nddomain.tld/public_html') !== false) {
   // Load the firewall:
   require('/home/2nddomain.tld/public_html/wordfence-waf.php');
 
// Prepend the firewall for 3rddomain.tld:
} elseif (strpos($_SERVER['SCRIPT_FILENAME'], '/home/3rddomain.tld/public_html') !== false) {
   // Load the firewall:
   require('/home/3rddomain.tld/public_html/wordfence-waf.php');

}
You can modify it to as many domains as you want. You can use your favorite text editor to edit that. For convenience, I used WinSCP to add and edit the file. After you've done editing, save it and change the file permission. With WinSCP, you just right click on loader.php and choose properties and then change Group & Owner to your site 1 user.

If you're comfortable using command line, you can use this:
Code:
ls -l /home
to find out your site user.

And then:
Code:
chown -R usrsite1:usrsite1 loader.php
Replace usrsite1 with your user on site 1.

If you edited the php.ini manually by using command, you need to restart OpenLiteSpeed. Do so by entering this command:
Code:
/usr/local/lsws/bin/lswsctrl restart
Done. Check your sites. There should be no more warning from Wordfence.

It's almost 3 am in my time, and English is not my first language. I hope what I wrote can help you.
 
#6
Hello,

Thank you, I will try that, that should work
I just don’t understand why editing the vhost does not work for that particular setting, stupid question is there no way in the php.ini you couldn’t identify the different domains?
Kind regards

David
 
#7
Hi @chaselifetech

I use Cyberpanel with OpenLiteSpeed, too. And I also host multiple domains on my VPSes. All of them are using Wordfence. This is how I did it:
First of all, install Wordfence on all of your websites on the same VPS. After that, let it generate all of Wordfence files on your sites by following the usual Wordfence firewall's guidance by a couple of clicks..

Now, here comes the fun part:
1. Login to your Cyberpanel. Under Server -- PHP -- click on Edit PHP Configs.
2. You'll have 2 options: Basic & Advanced. Choose Advanced.
3. Select your PHP version. Right now, all my websites are using PHP 7.3. So, I choose that one.
4. Under:
Code:
; Automatically add files before PHP document.
; http://php.net/auto-prepend-file
Insert:
Code:
auto_prepend_file = "/home/1stdomain.tld/public_html/loader.php"
Replace 1stdomain.tld with the domain that you want to use. After that, click "Save Changes"
....
Now, create loader.php file in your first domain which contains:
Code:
<?php
// Prepend the firewall for 1stdomain.tld:
if (strpos($_SERVER['SCRIPT_FILENAME'], '/home/1stdomain.tld/public_html') !== false) {
   // Load the firewall:
   require('/home/1stdomain.tld/public_html/wordfence-waf.php');

// Prepend the firewall for 2nddomain.tld:
} elseif (strpos($_SERVER['SCRIPT_FILENAME'], '/home/2nddomain.tld/public_html') !== false) {
   // Load the firewall:
   require('/home/2nddomain.tld/public_html/wordfence-waf.php');

// Prepend the firewall for 3rddomain.tld:
} elseif (strpos($_SERVER['SCRIPT_FILENAME'], '/home/3rddomain.tld/public_html') !== false) {
   // Load the firewall:
   require('/home/3rddomain.tld/public_html/wordfence-waf.php');

}
You can modify it to as many domains as you want. You can use your favorite text editor to edit that. For convenience, I used WinSCP to add and edit the file. After you've done editing, save it and change the file permission. With WinSCP, you just right click on loader.php and choose properties and then change Group & Owner to your site 1 user.

If you're comfortable using command line, you can use this:
Code:
ls -l /home
to find out your site user.

And then:
Code:
chown -R usrsite1:usrsite1 loader.php
Replace usrsite1 with your user on site 1.

If you edited the php.ini manually by using command, you need to restart OpenLiteSpeed. Do so by entering this command:
Code:
/usr/local/lsws/bin/lswsctrl restart
Done. Check your sites. There should be no more warning from Wordfence.

It's almost 3 am in my time, and English is not my first language. I hope what I wrote can help you.
Hi @lawang21, which permission should I use for loader.php? I will use filezilla to create it
 
Top