trouble with wordfence,, readonly_exec() whitelist ?

[gnd]

Hello,

I am using Snuffleupagus along various Wordpress installs and I have trouble with readonly_exec() option that collides with the way Wordfence works.

After setting the correct permissions for the whole WP install (chmod ugo-w for all *.php *.inc) I notice the site doesn't load, because of Wordfence. Wordfence changes file permissions (apparently on load of WP) for its own files so that they are writable by the user. These files are specifically:

/wp-content/wflogs/attack-data.php
/wp-content/wflogs/config.php
/wp-content/wflogs/config-synced.php
...
/wp-content/wflogs/rules.php

Snuffleupagus stops execution of rules.php and thus of the whole site, which remains blank.

Is there a way to ignore these files / this directory and still be able to use readonly_exec() ? Otherwise I will have to disable it :(

[jvoisin]

Nope, there is no way to tell Snuffleupagus to ignore some files for readonly_exec().
I think that the right™ way to address this would be to convince the Wordfence people to restore the rights of the php files after they've been modified.