WordPress.org

Ready to get started?Download WordPress

Forums

NinjaFirewall (WP edition)
[resolved] Piwik blocked (3 posts)

  1. maraboshi
    Member
    Posted 4 months ago #

    Hello there,

    I have an installation of Piwik under the main wordpress site (www.mywordpress.com/analytics/) which is being blocked by NinjaFirewall.

    Disabling the firewall it works, with the firewall enabled I get the following error:

    Debug: the original error was
    session has already been started by session.auto-start or session_start()

    session.auto-start is already set to 0 in php.ini.

    The firewall log shows the following "info"

    GET /analytics/piwik.php - Sanitising user input - [COOKIE: ["","",1386600075,"http://www.mywordpress.com"]]

    Any idea what I can change in the firewall config (if any) or should I move Piwik from the subdirectory?

    Many thanks in advance.

    Marco

    http://wordpress.org/plugins/ninjafirewall/

  2. nintechnet
    Member
    Plugin Author

    Posted 4 months ago #

    Hi,

    It looks like your script is calling the PHP session_start() function without checking whether a session was already created or not (it was created by NinjaFirewall).
    You would need to find that call in your script and make a small modification.

    Search for:

    session_start();

    And replace it with:

    if (! session_id() ) { session_start(); }

    The only other alternative would be to move your application into a folder that is not protected by NinjaFirewall.

  3. maraboshi
    Member
    Posted 4 months ago #

    Hi,

    Thanks a lot for the quick answer.

    Unfortunately it doesn't seem that simple to change so I'll just stick with using a different subdomain and separate Piwik completely from NinjaFirewall.

    In case you might be interested this is the related file, anyway:

    https://github.com/piwik/piwik/blob/master/libs/Zend/Session.php

    Thanks again.

    Marco

Reply

You must log in to post.

About this Plugin

About this Topic