Title: Installation Problem Godaddy Shared Hosting
Last modified: August 24, 2016

---

# Installation Problem Godaddy Shared Hosting

 *  Resolved [Agent Deepak](https://wordpress.org/support/users/agentdeepak/)
 * (@agentdeepak)
 * [11 years, 1 month ago](https://wordpress.org/support/topic/installation-problem-godaddy-shared-hosting/)
 * First of all I do not get suPHP, non-recursive etc.
 * I am on Godaddy Shared Hosting. WordPress is not in root but a folder. Just tell
   me what exact steps to follow.
 * You should make a Hosting based installation tutorial. I am really interested
   in this Plugin.
 * By the way are you going to do a new WordPress brute-force attack detection plugins
   comparison? I would like to know what latest version of other plugins are like
   vs yours.
 * BTW I have All in One Security and Sucuri Plugin installed. After I install this
   I will remove All in One Security but keep Sucuri. Does it work well along with
   Sucuri?
 * [https://wordpress.org/plugins/ninjafirewall/](https://wordpress.org/plugins/ninjafirewall/)

Viewing 10 replies - 1 through 10 (of 10 total)

 *  Plugin Author [nintechnet](https://wordpress.org/support/users/nintechnet/)
 * (@nintechnet)
 * [11 years, 1 month ago](https://wordpress.org/support/topic/installation-problem-godaddy-shared-hosting/#post-6003102)
 * Hi,
 * Can you check this similar discussion: [goddady installation](https://wordpress.org/support/topic/goddady-installation).
   
   Also: [PHP INI files and Goddady’s hosting](https://support.godaddy.com/help/article/8913/what-filename-does-my-php-initialization-file-need-to-use).
 * We do not plan to make any new benchmarks, because the results will be identical.
   If you use a plugin that requires to have WP + the DB + the plugin(s) loaded,
   it will kill your server if you face a distributed attack.
 * I do not know about any issue with the Sucuri plugin. NinjaFirewall works before
   WP and its plugins are loaded so, in most cases, there is no conflict. If you
   see any issue, simply report it here.
 *  Thread Starter [Agent Deepak](https://wordpress.org/support/users/agentdeepak/)
 * (@agentdeepak)
 * [11 years, 1 month ago](https://wordpress.org/support/topic/installation-problem-godaddy-shared-hosting/#post-6003175)
 * Still unable to install.
 * Here are the results of ninjacheck.php
 * NinjaFirewall (WP edition) troublershooter
 * Warning: session_start() [function.session-start]: Cannot send session cache 
   limiter – headers already sent (output started at /home/content/XX/XXXXXXX/html/
   Wordpress/ninjacheck.php:36) in /home/content/XX/XXXXXXX/html/Wordpress/wp-content/
   plugins/ninjafirewall/ninjafirewall.php on line 43
 * HTTP server :Apache
    PHP version :5.3.24 PHP SAPI :CGI-FCGI
 * auto_prepend_file : none
    NinjaFirewall detection : NinjaFirewall is not loaded
 * Loaded INI file :/home/content/XX/XXXXXXX/html/php5.ini
    user_ini.filename :.
   user.ini user_ini.cache_ttl:300 seconds User PHP INI :php5.ini found –
 * DOCUMENT_ROOT :/var/chroot/home/content/XX/XXXXXXX/html
    wp-config.php :found
   in /home/content/XX/XXXXXXX/html/Wordpress/wp-config.php ABSPATH :/home/content/
   XX/XXXXXXX/html/Wordpress/ (ABSPATH != DOCUMENT_ROOT) WordPress version :4.1.1
   WP_CONTENT_DIR :/home/content/XX/XXXXXXX/html/Wordpress/wp-content Plugins directory:/
   home/content/XX/XXXXXXX/html/Wordpress/wp-content/plugins
 * BTW about the recursive php.ini
 * Which .htaccess file are you refering in [http://ninjafirewall.com/wordpress/help.php](http://ninjafirewall.com/wordpress/help.php)
 * I tried adding the .htaccess too.
 * BTW Ninja Firewall is just bunch of PHP script right. So If I just use Pro version
   can’t I protect my wordpress with that too. Just asking. I am thinking on the
   line of installing it in root and maybe there is configuration to lets it protect
   wordpress (multiple) in one go. Is that something that can be done. This is only
   if WP one doesn’t work out.
 *  Plugin Author [nintechnet](https://wordpress.org/support/users/nintechnet/)
 * (@nintechnet)
 * [11 years, 1 month ago](https://wordpress.org/support/topic/installation-problem-godaddy-shared-hosting/#post-6003177)
 * I do not recommend at all to use the Pro edition to protect one or more WP sites:
   it has much less options/features and, most important, it lacks all WP security
   rules! So the WP edition is really your best bet. If you have 2 or more sites,
   you need to install one copy per site.
 * You are running CGI-FCGI, therefore you need to use a PHP INI (I assume “php.
   ini”). But it seems that your Goddady hosting account will never let you use 
   one in a subfolder.
 * It is still possible to bypass such restriction. Check our blog about installing
   multiple copies of NinjaFirewall with HHVM (which allows only one php.ini file),
   specially the “Multiple-site installation” chapter: [Installing NinjaFirewall with HHVM](http://blog.nintechnet.com/installing-ninjafirewall-with-hhvm-hiphop-virtual-machine/).
   
   You will need to create the “php.ini” file in the main public_html folder. Regarding
   the “route.php” script, you could create it in the same folder, or inside the
   WP subfolder, it is not too much important. During the installation, select HHVM
   as the “Server and SAPI”.
 * However, if one day you want to uninstall NinjaFirewall, remember that you will
   need to remove the instruction from the PHP INI first, and then to uninstall 
   it from the WP admin dashboard, because the uninstaller will not be able to find
   the PHP INI in the parent directory.
 *  Thread Starter [Agent Deepak](https://wordpress.org/support/users/agentdeepak/)
 * (@agentdeepak)
 * [11 years, 1 month ago](https://wordpress.org/support/topic/installation-problem-godaddy-shared-hosting/#post-6003254)
 * OK. I will talk to GoDaddy Hosting Support to have HHVM installed. I am assuming
   it can only be done by them.
 * I do have zend codes is my php.ini. I think I installed them long ago but don’t
   remember when. HHVM would not have any conflict with them I assume.
 * Anyways It will likely take few day.
 * I will report back. If this works, I will gladly make a small tutorial and share
   with you. You have been great so far helping me out.
 * Editing manually php.ini is not a great problem. In fact I like to do it manually.
 *  Plugin Author [nintechnet](https://wordpress.org/support/users/nintechnet/)
 * (@nintechnet)
 * [11 years, 1 month ago](https://wordpress.org/support/topic/installation-problem-godaddy-shared-hosting/#post-6003256)
 * I don’t think they will install HHVM.
    My example was just to show that your 
   case is very similar and that you can use our blog article to solve your issue.
 * Assuming that:
    Your document_root is: /var/chroot/home/content/XX/XXXXXXX/html
   Your WP is installed in: /home/content/XX/XXXXXXX/html/Wordpress/
 * 1) Start NinjaFirewall installer from your WP admin dashboard.
    2) When you reach
   the “System configuration” page, select “Other + HHVM” and click “Next Step”.
   3) Create a “/var/chroot/home/content/XX/XXXXXXX/html/route.php” script, and 
   add the following code to it:
 *     ```
       <?php
       // Prepend the firewall for the /Wordpress/ sub-folder:
       if ( strpos($_SERVER['SCRIPT_FILENAME'], '/home/content/XX/XXXXXXX/html/Wordpress') !== false ) {
          // Add the full path to NinjaFirewall firewall.php:
          require('/home/content/XX/XXXXXXX/html/Wordpress/wp-content/plugins/ninjafirewall/lib/firewall.php');
       }
       ```
   
 * Edit the two “/XX/XXXXXXX/” occurrences with the correct paths.
 * 4) Create a “/var/chroot/home/content/XX/XXXXXXX/html/php.ini”, and add the following
   code to it:
 *     ```
       ; NinjaFirewall: load route.php
       auto_prepend_file = /home/content/XX/XXXXXXX/html/route.php
       ```
   
 * Here again, replace the X’s with the correct path.
    Note: maybe you will need
   to use “/var/chroot/home/….” rather then “/home/…”
 * 5) Go back to NinjaFirewall installer and click on the Test NinjaFirewall button.
 * If that does not work, you may need to rename the “php.ini” to “.user.ini” or“
   php5.ini”. Also, as mentioned on Goddady’s PHP INI page, you may need to wait
   a couple of minutes after making changes to the INI files.
 *  Thread Starter [Agent Deepak](https://wordpress.org/support/users/agentdeepak/)
 * (@agentdeepak)
 * [11 years, 1 month ago](https://wordpress.org/support/topic/installation-problem-godaddy-shared-hosting/#post-6003283)
 * Awesome. It now works. Tested only on Single Site so far but will install on 
   other blogs too.
 * BTW about Login Protection/Enable brute force attack protection – this is off
   by default. Will making it always ON, slow down my site.
 * When using All in one security pack, I see around 10 failed login attempts daily(
   which are automatically blocked for a week – lockdown).
 * So when should I consider login attempts to be brute-force. My website is relatively
   low traffic as of now.
 *  Plugin Author [nintechnet](https://wordpress.org/support/users/nintechnet/)
 * (@nintechnet)
 * [11 years, 1 month ago](https://wordpress.org/support/topic/installation-problem-godaddy-shared-hosting/#post-6003285)
 * If you enable “Always ON”, it will always block any access to the wp-login page
   and will prompt you for the user/password defined in the Login Protection page.
   That works before WordPress is loaded, so that won’t slow down the site: it can
   handle a few thousands of HTTP request per second.
 * A very small brute-force attack would be at least around 5 POST requests/10 seconds.
   Usually, it is much higher than that.
 * If you are the only person who can log into the dashboard, set it to “Always 
   ON” preferably.
 *  Thread Starter [Agent Deepak](https://wordpress.org/support/users/agentdeepak/)
 * (@agentdeepak)
 * [11 years, 1 month ago](https://wordpress.org/support/topic/installation-problem-godaddy-shared-hosting/#post-6003286)
 * So is it similar to using .htpasswd?
 * Currently I am the only person but in 1-2 month it will change.
 * I do use a membership plugin with custom login page and also has a Login form
   in my Menu. So lets say I enable it. Will those who login from custom page/login
   or Menu also get prompted for user/password defined in the Login Protection page(
   wp-login.php is probably being called (in backened) but I do not think there 
   is redirect to wp-login – not an expert so don’t know).
 * To stop wp-login access I had tried out renaming wp-login.php once but that breaks
   my 2 step authentication and membership login. Then I tried .htpasswd but well
   if users gets promoted for an extra login-password it will be annoying.
 * PS: I think, WordPress should have a in-built feature to change wp-login page
   to whatever we wish. This will stop most of the brute-force – most automated 
   once atleast)
 *  Plugin Author [nintechnet](https://wordpress.org/support/users/nintechnet/)
 * (@nintechnet)
 * [11 years, 1 month ago](https://wordpress.org/support/topic/installation-problem-godaddy-shared-hosting/#post-6003288)
 * More or less like a .htaccess, but it does not use any system file, and works
   with any Unix-based HTTP servers. It also whitelist you for a while (using PHP
   session), so that it will not ask you again for the password if you log out and
   then log in 10 minutes later.
 * A custom login form/plugin may not always need to use the wp-login.php script.
   It can manage the user authentication and redirect him/her to `/wp-admin/` folder.
   
   NinjaFirewall only deals with the wp-login.php script.
 *  Thread Starter [Agent Deepak](https://wordpress.org/support/users/agentdeepak/)
 * (@agentdeepak)
 * [11 years, 1 month ago](https://wordpress.org/support/topic/installation-problem-godaddy-shared-hosting/#post-6003294)
 * Ohh! I tried enabling Login Protection and using custom login. It didn’t work.
   Probably because of 2 step authentication and wp-login was being called else 
   2 step won’t work.
 * Anyways thanks for all help.
 * The Ninja Firewall Stats show 119 attempts since yesterday. 5% critical and rest
   medium. Good to see those hacking attempts being stopped.
 * Marking this as resolved. Since my main problem is resolved. Thanks again.

Viewing 10 replies - 1 through 10 (of 10 total)

The topic ‘Installation Problem Godaddy Shared Hosting’ is closed to new replies.

 * ![](https://ps.w.org/ninjafirewall/assets/icon-256x256.png?rev=976137)
 * [NinjaFirewall (WP Edition) - Advanced Security Plugin and Firewall](https://wordpress.org/plugins/ninjafirewall/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/ninjafirewall/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/ninjafirewall/)
 * [Active Topics](https://wordpress.org/support/plugin/ninjafirewall/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/ninjafirewall/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/ninjafirewall/reviews/)

## Tags

 * [godaddy](https://wordpress.org/support/topic-tag/godaddy/)
 * [installation problem](https://wordpress.org/support/topic-tag/installation-problem/)
 * [shared hosting](https://wordpress.org/support/topic-tag/shared-hosting/)

 * 10 replies
 * 2 participants
 * Last reply from: [Agent Deepak](https://wordpress.org/support/users/agentdeepak/)
 * Last activity: [11 years, 1 month ago](https://wordpress.org/support/topic/installation-problem-godaddy-shared-hosting/#post-6003294)
 * Status: resolved