Problems reading Wordfence Firewall config data
The Wordfence firewall stores some of its information in the file system. The files are located in the “wp-content/wflogs” directory. If there are issues with file writing or disk space on the server, the configuration file “config.php” could become corrupt. If this happens, you will receive an administrative notice on all Wordfence pages, prompting you to rebuild the configuration file automatically. If restoration completes successfully, no further action is required on your part.
If the message still appears after reloading the page, you may need to fix file permissions on the files in the “wp-content/wflogs” directory, including the “wflogs” directory itself. Some hosting companies may need to do this for you, while most others allow you to do it yourself.
You can also try renaming the “wflogs” directory, which will reset the firewall settings. This will cause the firewall status to revert to “Learning Mode” if it was previously set to the “Enabled and Protecting” mode. It will also remove any automatic allowlist entries added to the “Allowlisted URLs”.
Configuration update for sites switching from mod_php5 to mod_php7
Sites that were originally installed on a server using mod_php5 may display an admin notice like this, in preparation for upgrading to PHP 7, or to optimize the firewall again after switching to PHP 7:
The Wordfence Web Application Firewall needs a configuration update. It is not currently in extended protection mode but was configured to use an older version of PHP and may have become deactivated when PHP was updated. You may perform the configuration update automatically by clicking here or use the "Optimize the Wordfence Firewall" button on the Firewall Options page.
Hosts using mod_php are less common than those using other methods to run PHP, so if your firewall is already optimized and you do not see this admin notice, your site should be configured correctly.
PHP 8 will have a similar message, and the new module name will no longer include a PHP version number.
Generally, you should only need to click the link in the admin notice to automatically update the “.htaccess” file for the firewall. If the notice disappears, then the configuration has been modified correctly. If the notice appears again, you can use the button “Optimize the Wordfence Firewall” on the “Firewall Options” page to try updating the files in the same way that it works in a new installation. If you still have trouble resolving the issue, please contact our support team.
Firewall Optimization Troubleshooting
If you are experiencing issues during Firewall Optimization, please see our documentation on Firewall Optimization Troubleshooting.