WordPress.org

Plugin Directory

Test out the new Plugin Directory and let us know what you think.

NinjaFirewall (WP Edition)

A true Web Application Firewall to protect and secure WordPress.

Why is NinjaFirewall different from other security plugins for WordPress ?

NinjaFirewall sits between the attacker and WordPress. It can filter requests before they reach your blog and any of its plugins. This is how it works :

Attacker > HTTP server > PHP > NinjaFirewall > WordPress

And this is how all WordPress plugins work :

Attacker > HTTP server > PHP > WordPress > Plugins

Unlike other security plugins, it will protect all PHP scripts, including those that aren't part of the WordPress package.

How powerful is NinjaFirewall?

NinjaFirewall includes a very powerful filtering engine which can detect Web Application Firewall evasion techniques and obfuscation tactics used by hackers, as well as support and decode a large set of encodings. See our blog for a full description: An introduction to NinjaFirewall 3.0 filtering engine.

Do I need root privileges to install NinjaFirewall ?

NinjaFirewall does not require any root privilege and is fully compatible with shared hosting accounts. You can install it from your WordPress admin console, just like a regular plugin.

Does it work with Nginx ?

NinjaFirewall works with Nginx and others Unix-based HTTP servers (Apache, LiteSpeed etc). Its installer will detect it.

Do I need to alter my PHP scripts ?

You do not need to make any modifications to your scripts. NinjaFirewall hooks all requests before they reach your scripts. It will even work with encoded scripts (ionCube, ZendGuard, SourceGuardian etc).

I moved my wp-config.php file to another directory. Will it work with NinjaFirewall ?

NinjaFirewall will look for the wp-config.php script in the current folder or, if it cannot find it, in the parent folder.

Will NinjaFirewall detect the correct IP of my visitors if I am behind a CDN service like Cloudflare ?

You can use an optional configuration file to tell NinjaFirewall which IP to use. Please follow these steps.

Will it slow down my site ?

Your visitors will not notice any difference with or without NinjaFirewall. From WordPress administration console, you can click "NinjaFirewall > Status" menu to see the benchmarks and statistics (the fastest, slowest and average time per request). NinjaFirewall is very fast, optimised, compact, requires very low system resources and outperforms all other security plugins. By blocking dangerous requests and bots before WordPress is loaded, it will save bandwidth and reduce server load.

Is there any Microsoft Windows version ?

NinjaFirewall works on Unix-like servers only. There is no Microsoft Windows version and we do not expect to release any.

Requires: 3.3.0 or higher
Compatible up to: 4.7
Last Updated: 3 days ago
Active Installs: 10,000+

Ratings

4.7 out of 5 stars

Support

10 of 15 support threads in the last two months have been marked resolved.

Got something to say? Need help?

Compatibility

+
=
Not enough data

1 person says it works.
0 people say it's broken.

100,1,1 100,1,1 100,1,1 100,1,1
100,1,1 100,1,1
100,1,1 100,1,1 100,1,1 100,1,1 100,1,1 100,1,1
100,1,1 100,1,1 100,1,1 100,1,1
100,1,1
100,1,1 100,1,1
100,1,1
100,2,2 100,2,2 100,4,4
100,3,3 100,2,2 100,1,1 100,1,1
100,1,1 100,2,2 67,3,2 100,3,3 75,4,3 100,2,2 100,1,1 100,1,1
100,1,1 100,1,1 100,1,1
100,1,1 100,4,4 100,4,4 100,3,3 100,3,3
100,1,1 100,1,1 100,2,2
100,2,2 100,6,6 100,5,5 100,1,1 100,2,2 100,3,3 100,1,1 100,1,1
100,1,1 100,3,3 100,2,2 100,1,1 100,1,1 100,1,1 100,1,1
100,1,1
100,1,1 100,1,1
100,2,2
100,3,3 100,6,6 100,2,2
100,1,1
100,1,1 100,1,1
100,2,2 100,1,1
100,1,1 100,6,6 100,5,5 80,5,4 100,3,3 100,3,3 100,3,3 100,1,1 100,1,1
100,1,1
100,1,1
100,2,2 100,1,1
100,2,2 100,1,1
100,3,3 100,3,3 100,2,2 100,4,4 100,2,2 100,1,1
100,2,2 100,2,2 100,1,1
100,1,1
100,1,1 100,2,2 100,1,1 100,4,4 100,2,2
100,2,2 100,3,3 100,1,1
100,2,2 100,1,1 100,1,1
100,1,1 100,1,1 100,1,1 100,2,2 100,1,1