Support » Plugin: NinjaFirewall (WP Edition) - Advanced Security Plugin and Firewall » Massive amount of undesired mails

  • Resolved housestationlive

    (@housestationlive)


    i love your plugin a lot and i’m saying it after being disappointed of cloudflare reliabilities issues and others wordpress plugin limitations.

    but even when i set the cache url to limit the amount of mail, even when i uncheck everithing in notifications tab, i still receiving huge amount of email, whitch is very annoying.

    if i can’t found a fix, i will have no other solution to create a gmail account for a mail i will never check, and contribute to ecology wasting.

    cheers

    michael
    housestationlive.com

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author nintechnet

    (@nintechnet)

    What kind of emails is it? Can you paste one of them here?

    Thread Starter housestationlive

    (@housestationlive)

    i think i managed to solve the problem adding the correct cache url in the fileguard.

    but by default all notifications are enabled and if you have to spend several hours to understand everything before being able to turning it off.

    i guess plugin can’t found automatically the cache location ?

    the fun fact is i was looking for itsecurity plugin review and the comment of this reviews pointed the advantage of ninja firewall compare to itsecurity.

    even if i had quality requirement i were curious to try it and the result is very satisfiying. no crash no bug, no reliability issues.

    cause itsecurity can block access to your website when vulnerability is compromised. i already have backup and want my websible being protected by plugin, not compromised. an external firewall sounds the most interesting solution, to avoid both dns conflits with CDN and database conflits with local antivirus.

    i may be interested to try cloudbric also but it’s very expensivle and i won’t be able to use it for multiple domains (100 € per moth for 10 domains pack). and i have statistics issues with cloudflare i can’t retrieve accurate and precise data from visitors like i was able to do.

    i just had to delete my cache and cookies in my browser 2 or 3 times to avoid displaying issues (maybe cause i removed cloudflare and changed dns).

    despite the mail issue, there is also a frustration with the technical aspect to undestand how to cover a maximum of vulnerability without compromising the integrity of the website.

    maybe i can hire you one of theses days to help me with configuration. but i already enabled almost everything. i just don’t sanatised what you don’t adiviced to and unchecked what you prevented as possible disfonctionnal cause. i just take the risk to enable “post” in template, cause 0 day vulnerability can be a major open door for any intrusor.

    this plugin is particulary usefull when you don’t want the very last version of wordpress and when you can’t update some plugin (because theme modified version or not compatible with wordpress core). so if ninja can protect from database, brutal force loggin, plugin the themes, i don’t need more expensive or sophisticated solution and compromise relisability or statistic feedback (sometimes even seo appreciation with CDN
    i heard).

    having good christmas, stay safe.

    michael
    housestationlive.com

    Thread Starter housestationlive

    (@housestationlive)

    in monitoring / fileguard section, when file guard is enabled, the second field is empty “exclude the following files/folders (optional)”.

    it’s easily, by defaut, to fill this field with the same value from the first tab, first field “create a snapshot of all files stored in that directory”.

    and will prevent from massive mails. because it’s “optional” and we can’t guess until receiving mail embeding the cache location, we leave this field empty, even if in your documentation you warn of “possible” massive spamming.

    it’s hard to randomly decide a folder you want exclude from protection without being sure, when you’re a beginner.

    and, in general, because the plugin is a wonderful one with hundread of features, it’s almost impossible to configure it correcty when you’re not a expert.

    most of time, you bought a theme, and you don’t even know if your theme accepts waf, post automatically on page. and without an expert it’s impossible to found the best set-up.

    of course it’s awesome to having such amount of features and possibility. maybe you can invent a robot to scan the website and found the perfect configuration. don’t know.

Viewing 3 replies - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.