Ninja Firewall with Bullet Proof Security & Ithemes Security (Better Wp Secuirty

  • Resolved rafaelmagic

    (@rafaelmagic)


    10 years ago

    Hi,

    Ran into your Signature at WebHostTalk.
    Just saw a Youtube Video on this plugin and I’m impressed.

    I believe in multiple layers of security and use several security tools to harden WP.

    I could see your firewall as the first line of defense in my arsenal. But sometimes getting plugins or tools to not overlap and play nicely, might require some special settings. =)

    Have you tried Ninja Firewall with Bullet Proof Security?

    Also have you tried Ninja Firewall with Ithemes Security (Better WP Security)?

    Thank you,

    https://wordpress.org/plugins/ninjafirewall/

Viewing 6 replies - 1 through 6 (of 6 total)
  • Plugin Author nintechnet

    (@nintechnet)

    10 years ago

    Hi,

    Nobody reported any incompatibility issue yet, but if your plugin has a similar option as NinjaFirewall, it is better to disable this option and let NF handle it because it works before WordPress is loaded. Otherwise, your plugin may not be able to act as it should (see this example for instance).

    Manuel Fritsch

    (@let-me-see)

    10 years ago

    Hello there,

    I am currently trying to get Ninja Firewall working with Bulletproof Security and All in One WP Security. (Having recently discovered that someone hacked my site, despite BPS, I try to do everything I can – hoping I don’t do too much).

    The other plugins seem to get along with each other, but when I write the .htaccess file to include the Ninja Firewall code, I break the site. I have to rebuild the whole .htaccess with my backup in BPS. At this moment, I do not know what to do.

    esmi

    (@esmi)

    10 years ago

    @let me see…: If you require assistance then, as per the Forum Welcome, please post your own topic instead of tagging onto someone else’s topic.

    Thread Starter rafaelmagic

    (@rafaelmagic)

    10 years ago

    Esmi,

    I created the TOPIC and this is related.

    LET ME SEE…

    I just got Ninja Firewall to activate and can will try Bullet Proof Security shortly and post.

    To make them get along you have to insert the Ninja Firewall .Htaccss code into BPBS

    http://forum.ait-pro.com/wp-content/videos/custom-code/custom-code.html

    Look at the video how they add the WP-Super Cache and the location, first custom box (Custom Code Top PHP/PHP.INI. HANDLER/CACHE CODE:)

    Save it and watch the whole video to see how they reapply it to the root directory. I would personally figure out how to add all the Bullet Proof Security custom code. Get it all working and then add the Ninja code.

    So far, I could tell that Ninja Firewall uses Http Authentication for BruteForce protection. In simple terms its another User & Password you have to enter before you get to wp-login.php

    Its best practice that the HTTP Authentication user and password be different from your wp-login credentials.

    So we could also use BruteForce protection in Bullet Proof Security and Ithemes Security or whatever 3rd party wp-login protector.

    It’s login protection on steroids.

    Thread Starter rafaelmagic

    (@rafaelmagic)

    10 years ago

    TUTORIAL

    Setup Bullet Proof Security, watch the video below about the Custom Code and get everything working, you should see the pop-ups in your WP Admin.

    http://forum.ait-pro.com/wp-content/videos/custom-code/custom-code.html

    When you SAVE the custom code, its saved and even though you manually delete the .htaccess file, you can reload it in Bullet Proof.

    So, FTP or WinScp into the public_html folder.

    Rename .htaccess file to BAK.htaccess file.

    Install Ninja Firewall, activate it, choose the correct INI version. VPS users select User.ini. Then enable Ninja Firewall. It will create a ini file and a .htaccess file.

    Setup the Login Protection, select ALWAYS ON, use a unique user and pass word.

    Log out of WordPress to test the Login Protection

    Log back in to WP and you should see another additional login screen. Its the HTTP Authentication. Looks different in all browser, so don’t ask for a photo. =)

    If its enabled and not working. In some servers PHP might take 5 minutes to recognize the ini file. So wait 5 minutes

    APPLYING THE NINJA PLUGIN .htaccess to BULLET PROOF SECURTY:

    Now look at the .htaccess code created by Ninja Plugin and copy it over to Bullet Proof Security- Custom Code- Root Htacess Custom Code. In the “Custom Code Top PHP/PHP.INI. HANDLER/CACHE CODE:”

    Paste the NinjaFirewall code. Hit SAVE. I pasted it above any custom code I had.

    Go to Security Mode-
    select the Create secure.htaccess File.

    Under:
    Activate Security Modes

    Activate Website Root Folder .htaccess Security Mode

    Select Root Folder BulletProof Mode

    Then FTP, hit refresh and verify that the Ninja Code and Bullet Proof codes are present.

    Please Note: In some server PHP might take 5 minutes to recognize the ini file. So wait 5 minutes

    Thread Starter rafaelmagic

    (@rafaelmagic)

    10 years ago

    Forgot to add, if your using BPS and Ninja and the user.ini

    I added user.ini

    Use this BPS Custom Code

    CUSTOM CODE DENY BROWSER ACCESS TO THESE FILES:
    # DENY BROWSER ACCESS TO THESE FILES
    # wp-config.php, bb-config.php, php.ini, php5.ini, readme.html, user.ini
    <FilesMatch “^(wp-config\.php|php\.ini|php5\.ini|readme\.html|bb-config\.php|user\.ini)”>
    Order allow,deny
    Deny from all
    Allow from YOUR IP ADDRESS
    </FilesMatch>

    Add your internet IP to YOUR IP ADDRESS

    Example:
    Allow from 123.123.123.123

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Ninja Firewall with Bullet Proof Security & Ithemes Security (Better Wp Secuirty’ is closed to new replies.