Overview
Wordfence is a popular security plugin for WordPress and one which Conetix uses and recommends as well. As part of the way it ensures files are scanned and secured for Plesk (and similar) based hosting environments, a hidden .user.ini file is created which ensures Wordfence is loaded before the core of WordPress (for security).
When creating a clone of the site (eg live site to staging or staging to production), the WordPress Toolkit is unaware of this custom file and therefore doesn’t update the contained information. In order to ensure both your website and Wordfence works as expected, this file needs to be manually edited.
Instructions
- Use the Plesk One Click login to select the hosting environment for your website.
- Within the File Manager for your website, locate and edit the .user.ini file. It should look something like the following:
; Wordfence WAF
autoprependfile = '/var/www/vhosts/<yourdomainname>/httpdocs/wordfence-waf.php'
; END Wordfence WAF - Update the file path to correct location. For example, if you’ve created a staging site then this URL may be
/var/www/vhosts/<yourdomainname>/staging.
<yourdomainname>
/wordfence-waf.php - Load the website and ensure you’re able to login to the WordPress admin area as well.