Support » Plugin: NinjaFirewall (WP Edition) - Advanced Security » Editor tried to change Theme and now is blocked

  • Hello,
    In one of my test-installations, I was logged in as Editor and tried to change the Theme. Ninja Firewall blocked this and sent Email with PHP Backtrace.
    I don’t know what to do and how to reactivate the Editor User. Can you help?


Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author nintechnet


    What was the email message, i.e., the reason why you were blocked?

    It seems that you have modified the Editor capabilities and allowed them to change theme, is that correct?

    thanks for your answer. This was the email:

    NinjaFirewall has blocked an attempt to modify a user capability by someone who does not have administrative privileges:

    Username: User, ID: xy
    meta_key: th_capabilities
    meta_value: a:2:{s:6:”editor”;b:1;s:15:”bbp_participant”;b:1;}

    User IP:
    SCRIPT_FILENAME: /home/path/domain/wp-admin/index.php
    REQUEST_URI: /wp-admin/
    Date: January 17, 2020 @ 10:41:55 (UTC +0100)

    A PHP backtrace has been attached to this message for your convenience.

    This protection (and notification) can be turned off from NinjaFirewall “Firewall Policies” page.

    Sorry, don’t really remember, what happenend. Possible I was logged in in several Tabs as admin. Logged out, logged in as editor and switched to an Tab where I was logged in as admin where Design/Themes was open and I didn’t realize, that editor have no privileges for this. The basic privileges of editors are not changed.

    Is there a way to delete this blocking?


    Plugin Author nintechnet


    That would explain why you were blocked by the firewall.

    Is there a way to delete this blocking?

    The user shouldn’t be blocked: NinjaFirewall only blocked the privilege escalation attempt, but it didn’t blacklist the Editor user. You should be able to log in as usual.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Editor tried to change Theme and now is blocked’ is closed to new replies.