Koozali.org: home of the SME Server
Obsolete Releases => SME Server 9.x => Topic started by: michelandre on August 12, 2016, 11:54:39 PM
-
Hi all,
I am trying to install Wordfence Security-6.1.12 on a WordPress-4.5.3–fr_FR running on a SME-9.1/64 in VirtualBox Version 5.0.12 r104815
On installation Wordfence is asking:
You will need to append the following code to your php.ini:
auto_prepend_file = '/home/e-smith/files/ibays/Primary/html/wordfence-waf.php'
# db configuration setprop php auto_prepend_file /home/e-smith/files/ibays/Primary/html/wordfence-waf.php
# db configuration show php | grep auto_prepend_file
auto_prepend_file=/home/e-smith/files/ibays/Primary/html/wordfence-waf.php
# expand-template /etc/php.ini
#
# /etc/init.d/httpd-e-smith restart
Restarting httpd-e-smith [ OK ]
#
# cat /etc/php.ini | grep auto_prepend_file
auto_prepend_file =
#
There is nothing after the =
According to: https://wiki.contribs.org/DB_Variables_Configuration#Php
Usage
db configuration setprop php variable value
expand-template /etc/php.ini
/etc/init.d/httpd-e-smith restart
Where do I go wrong?
Am I missing something?
Any help appreciated,
Michel-André
-
I'm just guessing... but I think it's easy to try something like:
db configuration setprop php auto_prepend_file "/home/e-smith/files/ibays/Primary/html/wordfence-waf.php"
Maybe the expansion has a problem because of the "/".
Good luck
Jáder
-
Hi Jader,
Thank you for the advice but I tried with an escaping \, with ", with ' etc... to no avail :(
I cannot add any property at all to php.ini.
I will try with another Virtual Machine.
Michel-André
-
Hi all,
There is a link in Wordfence to display the system's configuration and it shows all the php settings.
I have to admit that the php property auto_prepend_file is set to /home/e-smith/files/ibays/Primary/html/wordfence-waf.php even if it does not show in /etc/php.ini. Wordfence calls it a Local Value Directive.
But, I would like to have an explanation about not showing in the /etc/php.ini.
Any explanation very welcome,
Michel-André
-
Not using scl right?
-
Obvious things to check....
What does this show ?
config show php
What is in your logs when you expand the template ?
-
Hi all,
Thank you RequestedDeletion for your comment.
I installed a brand new 9.1 and it was doing the same thing. Showing nothing in /etc/php.ini.
I updated and got the same behaviour.
Thank you ReetP for your comment.
# config show php
php=service
AllowUrlFopen=Off
MemoryLimit=128M
UploadMaxFilesize=50M
auto_prepend_file=/home/e-smith/files/ibays/Primary/html/wordfence-waf.php
status=enabled
#
The messages log shows absolutely nothing.
Wordfence gives:
Core
PHP Version 5.3.3
Directive          Local Value                                                Master Value
auto_prepend_file  /home/e-smith/files/ibays/Primary/html/wordfence-waf.php  no value
Michel-André
-
The answer is in the wiki.
Check DB variables.
What made you think just adding any old key to the php config entry would work ? As a long time user I am sure you are well aware that not every single var is set by SME.
You can also check the relevant templates.
Do a grep like I did for prepend and see what the template shows. You'll see that there is no code to query the config entry.
You could either add a hard coded entry in a custom template or even write yourself a bit of perl to read an entry and add it automagically...... it isn't that hard
-
Hi all,
Thank you ReetP for your advice.
I did a grep:
# grep -nr 'auto_prepend_file' /etc
/etc/e-smith/templates/etc/php.ini/40DataHandling:12:auto_prepend_file =
/etc/php.ini:52:auto_prepend_file =
# cat /etc/e-smith/templates/etc/php.ini/40DataHandling
mysql.allow_persistent = On
variables_order = "EGPCS"
register_globals = Off
register_argc_argv = On
post_max_size = {
my $ms = $php{PostMaxSize} || "20M";
$OUT .= "$ms";
}
magic_quotes_gpc = Off
magic_quotes_runtime = Off
magic_quotes_sybase = Off
auto_prepend_file =
auto_append_file =
default_mimetype = "text/html"
Environment variables returned nothing.
# env | grep auto_
#
Since there is nothing after the = I did a reboot to see if Wordfence will remember the Directive and it did.
# db configuration show php
php=service
AllowUrlFopen=Off
MemoryLimit=128M
UploadMaxFilesize=50M
auto_prepend_file=/home/e-smith/files/ibays/Primary/html/wordfence-waf.php
status=enabled
#
You are right: https://wiki.contribs.org/DB_Variables_Configuration
So the answer is that the properties of php and others are stored in DB.
My newbie knowledge rises up to a new level :)
Michel-André
-
# db configuration show php
php=service
AllowUrlFopen=Off
MemoryLimit=128M
UploadMaxFilesize=50M
auto_prepend_file=/home/e-smith/files/ibays/Primary/html/wordfence-waf.php
status=enabled
#
I'm not sure you understand. The auto_prepend line above will do ABSOLUTELY NOTHING because there is nothing in the template to read it and hence why your php.ini will still contain
auto_append_file =
When you look in the template:
cat /etc/e-smith/templates/etc/php.ini/40DataHandling
You can see the only variable obtained from the DB is this:
post_max_size = {
my $ms = $php{PostMaxSize} || "20M";
$OUT .= "$ms";
}
You are right: https://wiki.contribs.org/DB_Variables_Configuration
Another one for your reading list:
https://wiki.contribs.org/Useful_Commands#PHP_Related_Commands
So the answer is that the properties of php and others are stored in DB.
Only SOME. The above links will tell you which variables ARE recognised. Clearly auto_prepend_file is not.
If you wanted to populate the auto_prepend line in php.ini you would also need something like this in a custom-template
auto_prepend_file ={
my $autoPrep = $php{auto_prepend_file} || "";
$OUT .= "$autoPrep";
}
Unless you do that then I suggest you remove the auto_prepend_file item from your php config as it does nothing and will only confuse you in future.
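An added example, not part of the post above and not the project's own code: one way to build the custom template it describes. It assumes custom fragments live under /etc/e-smith/templates-custom and override the stock fragment of the same name; the function name and its two arguments are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread). Copies the stock 40DataHandling fragment
# into the custom-template tree and swaps the static "auto_prepend_file =" line
# for the Perl block from the post above, so the php DB property is honoured.
# Assumption: custom fragments go in /etc/e-smith/templates-custom/etc/php.ini/.

# make_prepend_fragment STOCK_ROOT CUSTOM_ROOT   (hypothetical helper name)
make_prepend_fragment() {
    stock="$1/etc/php.ini/40DataHandling"
    custom_dir="$2/etc/php.ini"
    [ -f "$stock" ] || { echo "missing $stock" >&2; return 1; }
    # Stop if the stock fragment no longer has the empty static line;
    # a later update may have changed it and a blind copy would hide that.
    grep -q '^auto_prepend_file[[:space:]]*=[[:space:]]*$' "$stock" || {
        echo "no empty auto_prepend_file line in $stock" >&2; return 2; }
    mkdir -p "$custom_dir" || return 1
    # Every other line is copied unchanged, so the rest of php.ini stays as shipped.
    awk '
        /^auto_prepend_file[ \t]*=[ \t]*$/ {
            print "auto_prepend_file = {"
            print "    my $autoPrep = $php{auto_prepend_file} || \"\";"
            print "    $OUT .= \"$autoPrep\";"
            print "}"
            next
        }
        { print }
    ' "$stock" > "$custom_dir/40DataHandling"
}

# On the server, as root (commands taken from the thread):
#   make_prepend_fragment /etc/e-smith/templates /etc/e-smith/templates-custom
#   expand-template /etc/php.ini
#   /etc/init.d/httpd-e-smith restart
#   grep -n auto_prepend_file /etc/php.ini
```

The custom copy shadows the whole stock fragment, so it needs re-checking against the stock 40DataHandling after system updates.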
-
Hi all,
Thank you again for your comment and staying in,
According to: https://docs.wordfence.com/en/Web_Application_Firewall_-_Basic_WordPress_Protection_vs._Extended_Protection
Extended Protection
In the optimization process, Wordfence changes the PHP configuration to allow the firewall to be loaded before WordPress or any other PHP files that may be directly accessible. Depending on your server’s configuration, this may require changes to the files .htaccess, .user.ini, or php.ini.
Wordfence prompts you to download backup copies of these files before they’re modified, in case the server is configured in a way that the changes will not work.
Once the optimization steps are complete, all PHP requests will be processed by the firewall.
That is the main reason I wanted to insert the property in php.ini.
Quite an appreciated suggestion for the custom-template but since Wordfence is working properly and it recognizes the auto_prepend_file location etc... maybe I should leave everything like it is. What do you think?
As of today, Wordfence was downloaded 17,165,514 times. There are 2 621 comments with 4 stars and only 65 with 1 star. So I think they have a very good reason to do it that way.
Michel-André
-
Any app that tries to write to a file that is generated by the SME template system will find its settings overwritten on updates to the SME system. So it's a very bad idea to let this happen as your application is likely to break at any time. Do you also understand the implications of the setting ?
You need to understand more about the system before playing with fire !
You may be better off making a custom template with the correct settings so your application does not interfere.
A good read of the wiki from start to finish would be a good idea...... a lot of time has been expended explaining these sorts of basics.
-
Hi ReetP,
As soon as I will have time, I will try a template taking your example above.
Thank you again for your professional advice,
Michel-André
-
No probs. Just don't 'guess' unless you are messing about on a test system. It is too dangerous.
Understand the system better and the consequences of your actions fully.
B. Rgds
John
-
Hi all,
Finally I don't need to keep the property in php.ini.
I checked most of the files of Wordfence and I saw the .htaccess in the root directory of WordPress.
...
# Wordfence WAF
<IfModule mod_php5.c>
php_value auto_prepend_file '/home/e-smith/files/ibays/Primary/html/wordfence-waf.php'
</IfModule>
<Files ".user.ini">
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
Order deny,allow
Deny from all
</IfModule>
</Files>
# END Wordfence WAF
Wordfence stored the php property in it and since this will be the first file executed, it will find it.
I double checked by deleting the property in the php DB and rebooting the server.
I cleared all the history of the navigator.
Logged in to WordPress and saw that the php value is still displayed in system info of Wordfence.
Michel-André
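An added example, not part of the post above: a check that reports where auto_prepend_file is actually set, which is the difference between the "Local Value" and "Master Value" columns seen earlier in the thread. The function names are hypothetical, and the parser assumes one directive per line and ignores IfModule conditions.

```shell
#!/bin/sh
# Added example (not from the thread). Shows whether the WAF prepend is set in
# php.ini (master value, every PHP request) or only per directory, via .htaccess
# (mod_php) or .user.ini (CGI/FastCGI), which covers that directory tree only.

# Trim whitespace and one layer of surrounding quotes from stdin.
_unquote() {
    sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' -e "s/^[\"']//" -e "s/[\"']\$//"
}

# Value of the last active (uncommented) auto_prepend_file line in an ini file.
_ini_value() {
    [ -f "$1" ] || return 0
    sed -n 's/^[[:space:]]*auto_prepend_file[[:space:]]*=\(.*\)$/\1/p' "$1" |
        tail -n 1 | _unquote
}

# Value of the last "php_value auto_prepend_file ..." line in an .htaccess file.
_htaccess_value() {
    [ -f "$1" ] || return 0
    sed -n 's/^[[:space:]]*php_value[[:space:]][[:space:]]*auto_prepend_file[[:space:]][[:space:]]*\(.*\)$/\1/p' "$1" |
        tail -n 1 | _unquote
}

# prepend_sources PHP_INI DOCROOT -> one "source:path" line per non-empty setting
prepend_sources() {
    m=$(_ini_value "$1")
    h=$(_htaccess_value "$2/.htaccess")
    u=$(_ini_value "$2/.user.ini")
    [ -n "$m" ] && echo "master:$m"
    [ -n "$h" ] && echo "htaccess:$h"
    [ -n "$u" ] && echo "userini:$u"
    return 0
}

# waf_scope PHP_INI DOCROOT -> server-wide | docroot-only | none
waf_scope() {
    src=$(prepend_sources "$1" "$2")
    case "$src" in
        *master:*) echo server-wide ;;
        "")        echo none ;;
        *)         echo docroot-only ;;
    esac
}

# Example on the server from the thread:
#   waf_scope /etc/php.ini /home/e-smith/files/ibays/Primary/html
```

A result of docroot-only means PHP files served from other ibays or directories are not passed through the prepended file.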
-
michelandre
See this
https://wiki.contribs.org/Htaccess
and this
https://wiki.contribs.org/Template_Tutorial