Wordfence with PHP-FPM
Wordfence is one of the godsend plugins out the there for WordPress security. It has been used by many WordPress sites because it works as advertised and a very popular security plugin out there for WordPress.
Since PHP can be run from multiple ways, it is hard for Wordfence to do this the automated way. Yes, they do tackle multiple ways of installation, but if you are running PHP-FPM (like RunCloud does) you need to add something to your config to make Wordfence work with your WordPress installation.
For this tutorial, I will be using wordfence.runcloud.io as my Wordfence test site. I will not be going through WordPress installation, but this is my Web Application info.
After you have successfully installed Wordfence plugin, you will be greeted with this message. Click “click here to configure” button to configure Wordfence.
At the bottom of the configure page (Alternate method), you will see a message to add the configuration to your php-fpm setting.
For my site, I need to add this line inside my php.ini:
auto_prepend_file = '/home/runcloud/webapps/wordfence/wordfence-waf.php'
Just leave it there, we are not going to add it inside our php.ini. But that is what we are going to use inside our php-fpm configuration.
Based on the Web Application summary that you can see above, our Web Application name is “wordfence”. What we are going to do is to locate extra php-fpm config for this Web Application. The extra configuration file will be /etc/php-extra/wordfence.conf. The config name is easy. If your Web Application name is “mywordpress”, the extra php-fpm config file will be /etc/php-extra/mywordpress.conf. If you didn’t have this file, just go to your Web Application section inside RunCloud Panel and click rebuild button to get your fpm extra configuration file.
Now open the /etc/php-extra/wordfence.conf with your preferred editor. You may use Vim, Nano or Pico, but my favorite is Nano. Once you are in there, just put the value like the line below
php_admin_value[auto_prepend_file] = /home/runcloud/webapps/wordfence/wordfence-waf.php
Don’t copy mine. Use your own value for php_admin_value[auto_prepend_file]. It should be same as what Wordfence had suggested earlier.
Once you have added that, reload your php.
systemctl reload php71rc-fpm
Depending on which php version you are using (refer to the Web Application summary), reload that php version. If you are not sure what you are doing, refer to our PHP Cheat Sheet documentation. Once you have done that, your Wordfence will start to do its job. Now you may tweak your Wordfence config for your personalized settings.