NinjaFirewall prevents wp-cli from working correctly

Resolved

(@quicksilver03)

I have noticed that activating NinjaFirewall on my WordPress blogs prevents wp-cli from working: all wp-cli commands exit immediately, without showing any output. Putting wp-cli in debug mode shows only the initial debugging output and exits before getting to the “Loaded WordPress” message.

Here’s an example: with WordPress 4.9.6 and NinjaFirewall 3.6.6 (activated) I get

[www@bravo htdocs] $ wp theme list --debug
Debug (bootstrap): No readable global config found (0.049s)
Debug (bootstrap): No project config found (0.049s)
Debug (bootstrap): argv: /usr/local/bin/wp theme list --debug (0.049s)
Debug (bootstrap): ABSPATH defined: /srv/www/servers/www.datafaber.com/htdocs/ (0.05s)
Debug (bootstrap): Begin WordPress load (0.05s)
Debug (bootstrap): wp-config.php path: /srv/www/servers/www.datafaber.com/htdocs/wp-config.php (0.05s)
[www@bravo htdocs] $ echo $?
255

The wp-cli command exits with a status code of 255 and doesn’t show the list of plugins. If I deactivate NinjaFirewall from the WordPress admin and I try again the same command I get

[www@bravo htdocs] $ wp theme list --debug
Debug (bootstrap): No readable global config found (0.048s)
Debug (bootstrap): No project config found (0.049s)
Debug (bootstrap): argv: /usr/local/bin/wp theme list --debug (0.049s)
Debug (bootstrap): ABSPATH defined: /srv/www/servers/www.datafaber.com/htdocs/ (0.049s)
Debug (bootstrap): Begin WordPress load (0.049s)
Debug (bootstrap): wp-config.php path: /srv/www/servers/www.datafaber.com/htdocs/wp-config.php (0.049s)
Debug (bootstrap): Loaded WordPress (0.19s)
Debug (bootstrap): Running command: theme list (0.19s)
+---------------+----------+--------+---------+
| name          | status   | update | version |
+---------------+----------+--------+---------+
| balloons      | active   | none   | 1.0     |
| twentyfifteen | inactive | none   | 2.0     |
+---------------+----------+--------+---------+
[www@bravo.datafaber.net htdocs] $ echo $?
0

Any idea on how to solve this issue? I’d like to keep NinjaFirewall and wp-cli is essential to my workflow of keeping themes and plugins updated on several sites.

Viewing 7 replies - 1 through 7 (of 7 total)

Plugin Author nintechnet
(@nintechnet)

8 years ago
That’s odd, I don’t have any issue with WordPress 4.9.6 and NinjaFirewall 3.6.6.
```
$ wp theme list; echo $?
+-----------------+----------+--------+---------+
| name            | status   | update | version |
+-----------------+----------+--------+---------+
| twentyfifteen   | inactive | none   | 2.0     |
| twentyseventeen | active   | none   | 1.6     |
| twentysixteen   | inactive | none   | 1.5     |
+-----------------+----------+--------+---------+
0
```
What is your version of WP-CLI?
```
$ wp --version
WP-CLI 1.5.1
```
Can you try to add the --user switch to your command?
$ wp theme list --user=some_admin

Replace some_admin with the admin name.
Plugin Author nintechnet
(@nintechnet)

8 years ago

Additionally, can you check your PHP logs for any error messages too?
Thread Starter quicksilver03
(@quicksilver03)

8 years ago
I’m on wp-cli 1.5.1 as well:
```
[www@bravo htdocs] $ wp --version
WP-CLI 1.5.1
```
Adding the –user switch didn’t change anything, and I couldn’t find any error message in the php log, nor in syslog nor in the system journal.

The only way I could make wp-cli work without deactivating Ninja Firewall was changing the wp-config.php file in the following way:
```
if (!defined("WP_CLI")) {
  // BEGIN NinjaFirewall
  if (file_exists(dirname(__FILE__) . '/wp-content/plugins/ninjafirewall/lib/firewall.php') && ! defined("NFW_STATUS")) {
     @include_once(dirname(__FILE__) . '/wp-content/plugins/ninjafirewall/lib/firewall.php');
     define("NFW_WPWAF", 1);
  }
  // END NinjaFirewall
}
```
I got the idea from 2 wp-cli issues on GitHub, https://github.com/wp-cli/wp-cli/issues/2476 and https://github.com/wp-cli/wp-cli/issues/1881. It’s not ideal and probably it comes with a slight performance degradation, but at least I can keep both Ninja Firewall and wp-cli.
- This reply was modified 8 years ago by quicksilver03.
Plugin Author nintechnet
(@nintechnet)

8 years ago
That means there’s an error in the firewall.php script.
You can try to edit it, but be careful it is the part that loads before WordPress.

1. Edit “wp-content/plugins/ninjafirewall/lib/firewall.php”.

2. Search for:
```
function nfw_quit( $status ) {

   global $nfw_;

   @$nfw_['mysqli']->close();
   define( 'NFW_STATUS', $status );
   $nfw_= '';
   session_write_close();

}
```
3. Replace it with:
```
function nfw_quit( $status ) {

   global $nfw_;

   if (! empty( $nfw_['mysqli'] ) ) {
      @$nfw_['mysqli']->close();
   }

   define( 'NFW_STATUS', $status );
   $nfw_= '';
   session_write_close();

}
```
- This reply was modified 8 years ago by nintechnet.
Thread Starter quicksilver03
(@quicksilver03)

8 years ago

I have removed my edit to wp-config.php and tried the modification you suggested: it has worked well for me, wp-cli now shows the expected output and exits successfully while Ninja Firewall is active.

This modification seems quite safe to me, do you plan to include it in an update to Ninja Firewall?

Plugin Author nintechnet
(@nintechnet)

8 years ago

We’ll include this fix in the next release.

Thread Starter quicksilver03
(@quicksilver03)

8 years ago

Thanks for that, and for your quick reply (on a Sunday no less!).

Viewing 7 replies - 1 through 7 (of 7 total)

The topic ‘NinjaFirewall prevents wp-cli from working correctly’ is closed to new replies.