• Hi, I don’t know why, I cannot activate full WAF on the site.

    
    Oops! Le mode Full WAF n'est pas encore activé.
    Assurez-vous que votre serveur HTTP prend en charge la directive php_value auto_prepend_file dans les fichiers .htaccess. Peut-être devez-vous redémarrer votre serveur HTTP pour appliquer les changements, ou simplement attendre quelques secondes puis recharger cette page ?
    

    Here wp-check & wp-db :

    
    wp-check.php
    NinjaFirewall (WP edition) troubleshooter
    HTTP server 	: 	Apache
    PHP version 	: 	7.4.11
    PHP SAPI 	: 	LITESPEED
     	 	 
    auto_prepend_file 	: 	none
    wp-config.php 	: 	found in /home/myself/public_html/wp-config.php
    NinjaFirewall detection 	: 	NinjaFirewall WP Edition is loaded (WordPress WAF mode)
     	 	 
    Loaded INI file 	: 	/opt/alt/php74/etc/php.ini
    user_ini.filename 	: 	.user.ini
    user_ini.cache_ttl 	: 	300 seconds
    User PHP INI 	: 	.user.ini found -
     	 	 
    DOCUMENT_ROOT 	: 	/home/myself/public_html
    ABSPATH 	: 	/home/myself/public_html/
    WordPress version 	: 	5.5.3
    WP_CONTENT_DIR 	: 	/home/myself/public_html/wp-content
    Plugins directory 	: 	/home/myself/public_html/wp-content/plugins
    User Role 	: 	Administrator
    User Capabilities 	: 	manage_options: OK - unfiltered_html: OK
    Log dir permissions 	: 	/home/myself/public_html/wp-content/nfwlog dir is writable
    Cache dir permissions 	: 	/home/myself/public_html/wp-content/nfwlog/cache dir is writable
    
    NinjaFirewall (WP edition) troubleshooter v1.9.2
    
    wp-db.php
    Version: 1.8
    Found /home/myself/public_html/wp-config.php.
    Opening it for reading.
    Looking for DB_NAME, DB_USER, DB_PASSWORD, DB_HOST and $table_prefix:
    
        DB_NAME: found 'myself_wp866'
        DB_USER: found 'myself_wp866'
        DB_PASSWORD: found (click here to view password)
        DB_HOST: found 'localhost'
        table_prefix: found 'wpyc_'
    
    Attempting to connect to the DB: OK
    
    Attempting to read NinjaFirewall's options (nfw_options) from the DB: OK
    Calling fetch_object: OK
    Checking options integrity: OK
    
    Attempting to read NinjaFirewall's rules (nfw_rules) from the DB: OK
    Calling fetch_object: OK
    Checking rules integrity: OK
    
    Exiting.
    

    Here .htninja (with the site’s IP in place of xx)

    
    <?php
    /*
     +===================================================================+
     | NinjaFirewall optional configuration file                         |
     |                                                                   |
     | See: http://nintechnet.com/ninjafirewall/wp-edition/help/?htninja |
     +===================================================================+
    */
    
    if ( $_SERVER["REMOTE_ADDR"] == 'xx.xx.xx.xx' ) {
       return 'ALLOW'; // whitelist
    }
    

    I tried to ininstall ninjafirewall & ninjascanner and to remove all ninjafiles in www folder.
    Got this after reinstall (via WP extension backoffice) :

    
    [08/Nov/20:15:19:24 +0000] "nfw_options" is corrupted, restoring from last known good backup file (/home/myself/public_html/wp-content/nfwlog/cache/backup_xxxxxxx5_xxxxx.6xxx.php)
    

    What should I try now ?

    The page I need help with: [log in to see the link]

Viewing 10 replies - 1 through 10 (of 10 total)
  • Plugin Author nintechnet

    (@nintechnet)

    You are using Apache with LITESPEED PHPSAPI. During the Full WAF setup, which option did you choose?

    Hi, thank you for caring.
    I try with Litespeed (as on my other sites by the same hoster, but those other sites do accept Full waf)

    Plugin Author nintechnet

    (@nintechnet)

    Maybe you need to add the directive to the .user.ini or php.ini instead, as it is Apache. Try to select “Apache + CGI/FastCGI or PHP-FPM”.
    If that doesn’t work, can you ask you host where you should use the auto_prepend_file directive: in a .htaccess, a INI file (php.ini or .user.ini) or elsewhere (hosting panel)?

    Ok, I’ll ask.
    With Apache, I get this :

    
    Oops! Le mode Full WAF n'est pas encore activé.
    Parce que PHP met en cache les fichiers INI, vous devez attendre jusqu'à cinq minutes avant qu'il prenne en compte les modifications effectuées. Veuillez patienter pendant 294 secondes avant de réessayer (vous pouvez quitter cette page et revenir dans quelques minutes).
    

    What is odd is that I have other (Ninjafirewall functional) accounts by this host.

    Plugin Author nintechnet

    (@nintechnet)

    Can you try again with LiteSpeed and select the “I want to make the changes myself” radio button. Then, below, you will see something like this:

    # BEGIN NinjaFirewall
    <IfModule Litespeed>
       php_value auto_prepend_file "/some/path/to/wp-content/nfwlog/ninjafirewall.php"
    </IfModule>
    # END NinjaFirewall
    

    Can you double-check that the full path is correct, i.e., that the “/some/path/to/wp-content/nfwlog/ninjafirewall.php” file exists?

    Hi, I am also facing the same issue. No matter how I try auto or manual options and edit the files .user.ini, php.ini and .htaccess it doesn’t work. Using LiteSpeed V7.7 with PHP 7.4.10.

    I finally got it to work. For my case, I had a change of path on server, which the file /wp-content/nfwlog/ninjafirewall.php is still referencing to the old path.

    I had to uninstall the plugin and remove the /wp-content/nfwlog folder, then re-install the plugin for it to work.

    Hi, I think I got the point with the help of my hoster : PlanetHoster
    we decided to create a brand new hosting & to test.
    It didn’t work.
    Then, the hoster tested the replacement of litespeed by lsapi_module and Full WAF is now functional !

    As I use NinjaFirewall for years by the same hoster, I wondered why this issue : the default has always been Litespeed and on most of my sites I’m on Apache and anyhow, full WAF was ok.

    Thus, I checked an old site of mine and saw that the .htaccess has :

    
    # BEGIN NinjaFirewall
    php_value auto_prepend_file /home/turlututu/public_html/wp-content/nfwlog/ninjafirewall.php
    # END NinjaFirewall 
    

    But the, now corrected .htaccess on this thread’s site is :

    
    # BEGIN NinjaFirewall
    <IfModule lsapi_module>
    php_value auto_prepend_file "/home/trululu/public_html/wp-content/nfwlog/ninjafirewall.php"
    </IfModule>
    # END NinjaFirewall 
    

    once corrected by my hoster.

    It was

    
    # BEGIN NinjaFirewall
    <IfModule Litespeed>
    php_value auto_prepend_file "/home/trululu/public_html/wp-content/nfwlog/ninjafirewall.php"
    </IfModule>
    # END NinjaFirewall
    

    before.

    Thus a new question : is this call for IfModule really needed ?
    This is even more acute when one knows that the commercial offer of my hoster can be changed from Apache to LiteSpeed (in this case, I suspect the site we just repaired would again drop full WAF, wouldn’t it ?)

    • This reply was modified 1 month, 3 weeks ago by nam1962.
    Plugin Author nintechnet

    (@nintechnet)

    Your PHP SAPI, LSAPI, doesn’t recognize Litespeed but lsapi_module instead. I’ll make some changes in the next release to detect and fix that.
    The ifmodule directive is not mandatory but used only to prevent a crash when switching to another PHP SAPI for instance. If you changed from Apache + LSAPI to Apache + PHP-FPM, the HTTP server would crash if there’s no ifmodule directive because it wouldn’t recognize the php_value directive.
    You can remove it if you want, as long as you don’t switch to another PHP SAPI.

    • This reply was modified 1 month, 3 weeks ago by nintechnet.

    Ok, got your point.

    Just to tell you about my experience, I use NinjaFirewall on several sites for years (that maybe why I have “old” .htaccess setup)I’ve always seen “LiteSpeed” suggested as default and never changed it.
    Seeminly, at that time, your script didn’t give the ifmodule directive.
    Last year, my older hosting plan and all included sites (thus without ifmodule) was shifted from Apache to LiteSpeed and … it was immediately functional (I’ll now check all it’s .htaccess nevertheless.

Viewing 10 replies - 1 through 10 (of 10 total)
  • You must be logged in to reply to this topic.