Support » Plugin: NinjaFirewall (WP Edition) - Advanced Security Plugin and Firewall » Configuring both Ninja Fw & WordFence using .user.ini auto_prepend_file

  • Hi @nintechnet,
    Good morning!

    May I ask for the correct configuration of the .user.ini files to run both NinJa FireWall and WordFence in regards to the “auto_prepend_file =” file path configuration.

    Should there be two files:
    1) .user.ini.ninja1618237526
    2) .user.ini

    Where “.user.ini.ninja1618237526” would have the content:

    
    ; BEGIN NinjaFirewall
    auto_prepend_file = "/var/www/vhosts/currenge.com/httpdocs/wp-content/nfwlog/ninjafirewall.php"
    ; END NinjaFirewall
    

    And, where “.user.ini” would have the content:

    
    ; Wordfence WAF
    auto_prepend_file = '/var/www/vhosts/currenge.com/httpdocs/wordfence-waf.php'
    ; END Wordfence WAF
    
Viewing 15 replies - 1 through 15 (of 15 total)
  • Thread Starter ziegel

    (@ziegel)

    Hi @nintechnet,

    can you please change the above text example.com as I can no longer modify it, and the link is already attacked?

    Thread Starter ziegel

    (@ziegel)

    Hi @sterndata,

    can you please change the above text example.com as I can no longer modify it, and the link is already attacked by hackers?

    Thread Starter ziegel

    (@ziegel)

    Thought I had a solution but then I got a 500 error…

    • This reply was modified 3 months, 2 weeks ago by ziegel.
    Thread Starter ziegel

    (@ziegel)

    In your post:
    https://blog.nintechnet.com/protecting-ninjafirewalls-php-ini-file/

    How would you white list some IPs?

    
    <IfModule mod_rewrite.c>
       RewriteEngine On
       RewriteRule \.ini$ - [F,L]
    </IfModule>
    
    Thread Starter ziegel

    (@ziegel)

    And if working according to:
    https://gist.github.com/chesio/a9e92660b67fbc021db54585e93d3dc3

    May I ask, how would you modify it to block all but white listed IPs?

    # Restrict access to login form only to certain IPs

    
    <Files "wp-login.php">
    	<IfModule mod_authz_core.c>
    		# Only allow 1.2.3.4 address and 5.6.7 subnet
    		Require ip 1.2.3.4 5.6.7
    	</IfModule>
    	<IfModule !mod_authz_core.c>
    		Order deny,allow
    		Deny from all
    		# Only allow 1.2.3.4 address and 5.6.7 subnet
    		Allow from 1.2.3.4 5.6.7
    	</IfModule>
    </Files>
    
    Thread Starter ziegel

    (@ziegel)

    Is there a server (Apache / ngins) restart/reboot required after such editing?

    And if so, how should it be done?

    Moderator Steve Stern (sterndata)

    (@sterndata)

    Forum Moderator & Support Team Volunteer

    Please don’t ping me out of the blue.

    I’m sorry but no. Unless it is an extreme case, posts and replies are not edited here.

    Forum topics will only be edited or deleted if they represent a valid legal, security, or safety concern.

    See https://wordpress.org/support/forum-user-guide/faq/#will-you-delete-my-post-once-the-problem-is-solved

    Thread Starter ziegel

    (@ziegel)

    Hi @sterndata,

    The link above is attacked time after time since publication.

    I’m not pinging out of the blue, as to the best of my understading, you are an address for such an issue.

    Please help by change the domain to example.com

    • This reply was modified 3 months, 2 weeks ago by ziegel.
    Moderator Steve Stern (sterndata)

    (@sterndata)

    Forum Moderator & Support Team Volunteer

    Sites get pinged, ponged, and poked all the time. It’s the nature of the best.

    Thread Starter ziegel

    (@ziegel)

    @sterndata,

    True, however these two lines drew a lot of attention of hackers to site in the few hours since its publication.

    I’m damaged by it, carefully monitoring what’s going on.

    I would appreciate the change from our domain name to example.com in two lines on the first post.

    Can you please help?

    Moderator Steve Stern (sterndata)

    (@sterndata)

    Forum Moderator & Support Team Volunteer

    I have stated our policy, above.

    Plugin Author nintechnet

    (@nintechnet)

    May I ask for the correct configuration of the .user.ini files to run both NinJa FireWall and WordFence in regards to the “auto_prepend_file =” file path configuration.

    You can’t, I’m afraid. Only .user.ini is used, and only one auto_prepend_file directive can be used. You need to choose which firewall you want to load this way.

    You can delete .user.ini.ninja1618237526 if you want. It’s a backup of your original file.

    I answered your other questions in that thread: https://wordpress.org/support/topic/protecting-user-ini-file-using-htaccess-rule/

    Thread Starter ziegel

    (@ziegel)

    Hi @nintechnet,

    Good morning!

    I Wasn’t aware only one of these files works, and that WordFence is moved aside.

    I think I have previously read there is an option to make an *.ini as if it is a *.php file, and thus to get two auto_prepend_file values exist in parallel.. I’ll relook for that guidance.

    May I ask, if you see any problem from the Ninja FW perspective, for the two – NinjaFW and WordFence to operate in parallel?

    ************************************
    BTW, can you please modify my first post to be example.com?

    Thread Starter ziegel

    (@ziegel)

    Hi @nintechnet,

    May I ask, what do you think of a solution I found here:
    https://stackoverflow.com/questions/12062546/auto-prepend-file-multiple-files

    Create a separate loader file that require’s the files you need, then prepend that file.

    
    auto_prepend_file="/path/to/loadernew.php"
    

    And in in loadernew.php:

    
    require '/var/www/vhosts/example.com/httpdocs/wp-content/nfwlog/ninjafirewall.php';
    require '/var/www/vhosts/example.com/httpdocs/wordfence-waf.php';
    

    When ‘loadernew.php’ is protected via .htaccess

    And, what should be such “loadernew.php” file PHP structure? Only the above two lines, or also some syntax as WordPress basic PHP files?

    • This reply was modified 3 months, 2 weeks ago by ziegel.
    Plugin Author nintechnet

    (@nintechnet)

    You can do that, load multiple application using require() in a PHP script. The script must start with <?php on the first line though.

    I can’t edit your post here, I’m not a moderator.

Viewing 15 replies - 1 through 15 (of 15 total)
  • You must be logged in to reply to this topic.