Support » Plugin: NinjaFirewall (WP Edition) - Advanced Security » Rate limiting and HD cache plugins

  • Resolved wplike75

    (@wplike75)


    Hello,

    pre-sale question about the rate limiting feature in WP+ Edition.

    Is Ninja WP+ Edition work with caching HDD plugins ?
    Limitation du trafic pour bloquer les bots, crawlers, web scrapers et les petites attaques HTTP

    I need to be sure this working with cache plugins.

    The same feature rate limiting do not work with wordfence, so maybe this do not work also with Ninja WP+ Edition.

    Regards.

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Author nintechnet

    (@nintechnet)

    Hi

    If you use your .htaccess to load static files, that won’t work because your HTTP server will not forward the request to the PHP interpreter and NinjaFirewall.
    That’s the problem with that type of caching plugin.

    Regarding attacks, they will be blocked because they require parameters, payloads etc and, for that reason, they won’t be cached by your plugin but forwarded to PHP.

    Hi Nintechnet,

    thanks for your answer. I’m now using the plugins “cache-enabler” https://wordpress.org/plugins/cache-enabler/ for my cache, without the htaccess rewrite rule.

    I have try with Wordfence the rate limiting but do not work.

    Do you know if with NinjaFirewall (WP+ Edition) rate limiting will work and block this stupid guys who connect thousand time to my site for trying to ddos it ?

    I’m using mod_security in OVH, and in my log I found many thing like this:

    [Sat May 06 09:24:49 2017] [error] [client xxx.xxx.xxx.xxx] ModSecurity: Warning. Operator LT matched 20 at TX:inbound_anomaly_score. [file “/usr/local/apache2/conf/modsecurity/base_rules/modsecurity_crs_60_correlation.conf”] [line “32”] [msg “Inbound Anomaly Score (Total Inbound Score: 2, SQLi=, XSS=): Range: field exists and begins with 0.”] [hostname “mywebsite.com”] [uri “/index.php”] [unique_id “WQ16QQoAWsoAADukIRQAAAAp”]

    And this is all the day, 4 or 5 time by seconds, so my logs are flodded and my web site slow.

    I have try to block IP in my htacces, but 1mn later, they change IP and keep on going…

    So if NinjaFirewall can protect me for this ddos it will be great and I will buy the WP+ Edition.

    Best regards.

    • This reply was modified 2 years, 7 months ago by wplike75.
    Plugin Author nintechnet

    (@nintechnet)

    Hi,

    If you can’t block it with mod_security, you won’t be able to use NinjaFirewall either.
    As you only have 4 or 5 requests per seconds, your best bet would be to hire an admin to tweak your server (HTTP, PHP, MySQL and TCP/IP stack) so that it can handle more requests per seconds. So far, it doesn’t seem well optimized.

    Hi,
    ok I understand. Thank you for your answers, and for your great plugins.
    Regards.

    Hello,

    buyed the WP+ Edition, and rate limiting is working with cache-enabler HD disk (without the htaccess rewrite rules) !

    This plugins is the best, thank you !

    Best regards.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Rate limiting and HD cache plugins’ is closed to new replies.