malware scan blocked by iptables

  • Resolved Vakantie Ameland

    (@christianebuddy)


    7 years, 11 months ago

    When I use my iptables firewall script on the frontend webserver, which is a reverse proxy server, and then try to execute the ninjafirewall malware scan on the wordpress installation, which resorts in a backendserver, the malware scan results in Error: unable to load signatures (#2) The moment I disable the iptables firewall on the frontend webserver the malware scan is working (using the new ninjafirewall.php script from github)

    Normal port 80 traffic is allowed. Which calls does the ninjafirewall script make that could be blocked by iptables?

    https://wordpress.org/plugins/ninjafirewall/

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author nintechnet

    (@nintechnet)

    7 years, 11 months ago

    It connects to either port 80 or 443, depending on whether you are connecting over HTTP or HTTPS.

    Try to zero iptables chains counter:

    # iptables -Z

    Run the scan, and then immediately check your chains to see if there are some blocked packets (DROP and/or REJECT):

    # iptables -L -nvx

    Thread Starter Vakantie Ameland

    (@christianebuddy)

    7 years, 11 months ago

    No blocked packets and somehow the scan works now with iptables firewall enabled… nothing has been changed. Well, glad it’s working, tnx!

    davidschneider85

    (@davidschneider85)

    7 years, 1 month ago

    pls delete

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘malware scan blocked by iptables’ is closed to new replies.