How to protect all site?

  • Resolved ChriStef

    (@christef)


    7 years, 1 month ago

    I see a Very promising plugin service.

    I have blog on a folder not root. I have installed in the blog folder waf and it seems to be working just fine.

    My index root website is php. I’m wandering how to protect my root? I see other version brunch of this. But do I need to install both? Is there an option hard coded if is a must is OK to include on my root?

    I’m wandering What’s the approach here when both php site and a WordPress in a folder installation? It will be wonderful to be able the WordPress plugin to protect and the root. What do you think?

    Thank you for this tool and service.

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Author nintechnet

    (@nintechnet)

    7 years, 1 month ago

    Hi,

    You can protect your WordPress folder with the WP Edition, and the main site with the Pro Edition (which is free and open source too).
    Check our blog post: https://blog.nintechnet.com/installing-ninjafirewall-with-hhvm-hiphop-virtual-machine/
    Scroll down to the “Multiple-site installation” section.
    Note that this was written for HHVM, but it can apply to PHP as well, it is just the same method.

    It is important that you only use the WP Edition to protect WordPress, because the Pro Edition is a generic one and it does not have specific WordPress protection (e.g., privilege escalation, zero-day vulerability etc).

    Thread Starter ChriStef

    (@christef)

    7 years, 1 month ago

    Thank you for your quick response. Very helpful I ve got the concept.

    I’m wandering if I just pass to the main php index website to just include the required file from the blog folder. Why not? This way I think the wp plug in will handle the requests, right? I don’t mind an extra workout it might do if it’s not a wp access request but my website’s php.

    Keep in mind that I don’t have several domains. One domain and my php website and under this a wp folder.

    Plugin Author nintechnet

    (@nintechnet)

    7 years, 1 month ago

    You can try to move the PHP INI (which includes NF auto_prepend_file directive) to your main root folder. In most cases, that should work.

    Thread Starter ChriStef

    (@christef)

    7 years, 1 month ago

    Thanks for the support. That done the trick as well as the .Htaccess include directive.

Viewing 4 replies - 1 through 4 (of 4 total)

The topic ‘How to protect all site?’ is closed to new replies.

Tags