Which file has a firewall directive: .htaccess, php.ini or .user.ini ?
Did you check it to see if the directive was removed? Did you check the file timestamp too? Maybe the file is automatically restored or edited by another plugin or application?
Sorry, could you walk me through how I would check which of the files has a firewall directive?
Click on the “Activate Full WAF mode” button and, after configuring it, select “I want to make the changes myself”. That will show you the name and full path of the file that needs to be edited. Then, change back to “Let NinjaFirewall make the necessary changes”, and click “Finish Installation”.
Ok, thank you. Looks like the code is being added to user.ini. How can I check whether the directive is being removed/timestamps and whether another plugin is accessing it?
Next time the Full WAF mode is deactivated, download the file over FTP and check if you see the firewall auto_prepend_file directive or if it was removed. Check also the timestamp of the file.
I was also having this issue, and it appears my user.ini file was being edited by the MalCare plugin, which I think was deactivating the Full WAF mode in Ninja Firewall. I use Cloudways hosting and they have MalCare Bot Protection enabled. Is it recommended to use both MalCare Bot Protection and Ninja Firewall? If not, which is better?
You can only have one application that loads via the .user.ini.
NinjaFirewall has a bot protection.
