How to optimize Astra Website Protection Installation
how-to-optimize-astra-website-protection-installation
To further optimize the Astra Website Protection installation on your server, the PHP variable auto_prepend_file value has to be configured. This ensures that the protection is extended to application files outside the CMS as-well.
Depending on the server configuration the auto_prepend_file variable can be configured in one of the following files:.htaccess
.user.iniphp.ininginx.conf
How to add auto_prepend_file on your server
Step 1 - Find the path to the autoload.php file
1. Open the File Manger in your Hosting Panel, or connect to the server via SSH or (s)FTP
2. Navigate to the path of your website files, and locate the Astra autoload.php file as per the table below
PHP Application | |
WordPress | |
Magento 2 | |
Magento 1 | |
OpenCart 3 | |
OpenCart 2 | |
OpenCart 1 | |
Prestashop | |
Drupal |
3. Get the full (absolute) path of the file. For eg: /home/example/public_html/getastra-premium/autoload.php
4. Keep this path handy as we'll be using it in the next step
Step 2 - Set the auto_prepend_file variable & verify it
1. Let's start by adding the variable in the .htaccess file as shown below, AFTER updating the path to the autoload.php file as identified in the earlier step
php_value auto_prepend_file /path/to/getastra-premium/autoload.php
2. Create a phpinfo file to check the PHP variables
3. Open the phpinfo page, and search for the string auto_prepend_file in it
4. If the variable is not set on adding the code to the .htaccess, let us try to set it in the .user.ini and/or the php.ini file as show below (same code snippet):
auto_prepend_file = /path/to/getastra-premium/autoload.php;
5. If you’re using an Nginx server, the above methods may not work. Instead, you can modify the nginx.conf file as shown below:
location ~ \.php$ {
fastcgi_param PHP_VALUE "auto_prepend_file=/path/to/getastra-premium/autoload.php";
}
Depending on your server configuration, you may have to restart Apache/Nginx/LiteSpeed for the changes to take effect
How to remove auto_prepend_file on your server
1. Open the File Manger in your Hosting Panel, or connect to it via SSH or (s)FTP
2. Create a phpinfo page on your server
3. Search for the string auto_prepend_file in the phpinfo page contents
4. If the value in this field is empty, or does not have a path which contains getastra-premium/autoload.php then it means that Astra Website Protection is not installed on your site and you can skip the following steps
5. [Important] Now we need to remove the auto_prepend_file configuration, before deleting the getastra-premium folder
6. The auto_prepend_file configuration can be present in any one or many of the following files. Please make a copy of the file before removing the auto_prepend_file value. The actual path to the autoload.php file will vary server to server.
.htaccess | php_value auto_prepend_file /var/www/html/getastra-premium/autoload.php | Comment it out by changing php_value to #php_value |
auto_prepend_file = /var/www/html/getastra-premium/autoload.php | Comment it out by changing auto_prepend_file to ;auto_prepend_file | |
auto_prepend_file = /var/www/html/getastra-premium/autoload.php | Comment it out by changing auto_prepend_file to ;auto_prepend_file |
7. After you've removed the code, or commented it out - refresh the phpinfo page and check the auto_prepend_file value. You may have to restart your Apache/Nginx for the changes to take effect.
8. Once the value becomes empty in the phpinfo file it means that the variable is unset
Did this answer your question?