Updating WordPress via composer update obliterates wordfence-waf.php

Is there a way to keep this file intact? It bricks the site because that file is missing.

PHP Fatal error: Unknown: Failed opening required '/var/www/html/web/wp/wordfence-waf.php'

I had to untar a backup and restore that file again.

Add it to your repo? I don’t know how it’s removed, or added, but there are probably other strategies too. If you’re using Trellis you could generate/copy/something it on deploy.

I guess I can just keep a copy in Bedrock’s root directory.

The proper solution is to edit the .user.ini and have it point to the web directory and then move wordfence-waf.php to the web directory, instead of the wp directory.

# .user.ini
Wordfence WAF
auto_prepend_file = '/var/www/html/web/wordfence-waf.php'
; END Wordfence WAF
# ls -al /var/www/html/web
total 32
drwxr-xr-x    4 www-data www-data      4096 Nov 13 14:02 .
drwxr-xr-x    7 www-data www-data      4096 Nov 13 00:02 ..
-rw-r--r--    1 www-data www-data        94 Nov 13 14:02 .user.ini
drwxr-xr-x    8 www-data www-data      4096 Nov 13 12:47 app
-rw-r--r--    1 www-data www-data       117 Oct 16 01:46 index.php
-rw-r--r--    1 www-data www-data       335 Nov 12 20:15 wordfence-waf.php
drwxr-xr-x    5 www-data www-data      4096 Nov 13 14:02 wp
-rw-r--r--    1 www-data www-data       413 Oct 16 01:46 wp-config.php

This topic was automatically closed after 42 days. New replies are no longer allowed.