WordFence New Functions and Errors

While trying to troubleshoot some JetPack issues today, I ran into a new WordFence issue. A couple, actually. Here are the problems and the solutions:

WordFence does not cache WordPress anymore.

They removed the Falcon cache. Use CloudFlare instead!


The WordFence Firewall page pops up an error.

You might see this error:

We were unable to write to ~/wp-content/wflogs/ which the WAF uses for storage. Please update permissions on the parent directory so the web server can write to it.

This is because WordFence added a new wflogs folder, which could have the wrong permissions set. Navigate to the folder and set the correct permissions.

cd /var/www/(PATH TO WORDPRESS)/wp-content/
chmod 755 wflogs
chown (WWW USER):(WWW GROUP) wflogs

Also, some users running wp-cron as a scheduled Linux cron job instead of on a per-access wp-cron job may run into an error where the cron job resets permissions to root. Remove the cron job from crontab and add a cron job in cron.d

cd /etc/cron.d
sudo nano wpcron

### Call wp-cron every 10 minutes
*/10 * * * * www-data /usr/bin/wget -q "http://www.tgmgroup.org/wp-cron.php?doing_wp_cron"

CTRL-X / y


The WordFence Firewall wants me to use Extended Protection.

Extended Protection loads the firewall before loading any WP functions or plugins, making it more secure. Apache may only require an .htaccess rule that WF probably self-generates. You need to adjust your Nginx configuration to hide the .user.ini file, though.

location ~ ^/wordpress/\.user\.ini {
    deny all;