Support » Plugin: NinjaFirewall (WP Edition) - Advanced Security » Best practice for multiple domains under one SFTP user

  • Resolved rsconsult

    (@rsconsult)


    I have a couple of sites set up under one SFTP user. What would be the best practice on setting up NF? What needs to be added to the PHP file to separate the log files?

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Author nintechnet

    (@nintechnet)

    Hi,

    Did you install one copy of NinjaFirewall per site? Each one will use its own log directory (located in the /path/to/site/wp-content/nfwlog/ folder).

    I did do one install per site. I’m hosting on Dreamhost and there is also a line that is put in the phprc file that points to where the log file is. Can I put multiple lines in there for the log locations? Right now it looks to be pointing all to one log even though there are multiple installs.

    Plugin Author nintechnet

    (@nintechnet)

    Any reference to a log in the phprc is the PHP error log. You can only have one, and it is used by PHP to log errors, notices and warnings.

    Regarding NinjaFirewall, each installation has its own log located inside the /wp-content/nfwlog/ sub-folder, so there is nothing else to setup or change in your phprc.

    Plugin Author nintechnet

    (@nintechnet)

    I think that I misunderstood your question. You are probably referring to the script used to load the firewall, /wp-content/nfwlog/ninjafirewall.php, not to the log?
    In that case, you will need to create a specific script that will the load the correct firewall, i.e., the one from the site your visitor is requesting.

    There is an example in our blog: http://blog.nintechnet.com/installing-ninjafirewall-with-hhvm-hiphop-virtual-machine/ (scroll down to the Multiple-site installation section). Although it covers HHVM, it is the same issue: one single PHP INI file used to load multiple sites.

    Example:

    Your document root is: /home/user/
    You have 3 domains inside that folder:
    1. /home/user/domain01.com/
    2. /home/user/domain02.com/
    3. /home/user/domain03.com/

    Create a script named /home/user/route.php in your document root folder and add this code to it:

    
    <?php
    if ( strpos($_SERVER['SCRIPT_FILENAME'], '/home/user/domain01.com') !== false ) {
       // Load NinjaFirewall for domain01.com:
       if ( file_exists( '/home/user/domain01.com/wp-content/nfwlog/ninjafirewall.php' ) ) {
          require('/home/user/domain01.com/wp-content/nfwlog/ninjafirewall.php');
       }
    
    } elseif ( strpos($_SERVER['SCRIPT_FILENAME'], '/home/user/domain02.com') !== false ) {
       // Load NinjaFirewall for domain02.com:
       if ( file_exists( '/home/user/domain02.com/wp-content/nfwlog/ninjafirewall.php' ) ) {
          require('/home/user/domain02.com/wp-content/nfwlog/ninjafirewall.php');
       }
    
    } elseif ( strpos($_SERVER['SCRIPT_FILENAME'], '/home/user/domain03.com') !== false ) {
       // Load NinjaFirewall for domain03.com:
       if ( file_exists( '/home/user/domain03.com/wp-content/nfwlog/ninjafirewall.php' ) ) {
          require('/home/user/domain03.com/wp-content/nfwlog/ninjafirewall.php');
       }
    }
    

    Then, in the Dreamhost phprc file, replace the current NinjaFirewall line with the full path to the ‘route.php’ script:

    
    ; NinjaFirewall: load route.php
    auto_prepend_file = /home/user/route.php
    

    Note that I used $_SERVER['SCRIPT_FILENAME'] to load the correct firewall, but as you’ll see in the HHVM article, other environment variables could be used to check which site is being visited, such as $_SERVER['SERVER_NAME'] etc.

    I believe it was my mistake. I said log because the path had nfwlog in it but that was not the file it was referring to. Your instructions above look to be exactly what I am needing. I will get this setup after the holiday. Thank you!

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Best practice for multiple domains under one SFTP user’ is closed to new replies.