Trying to exclude directory from Ninja Firewall

  • Resolved chaoti

    (@chaoti)


    5 years, 10 months ago

    Hello NF authors,

    long time ago I installed a standalone forum (SMF) in the root directory of my WP site because I want to have the address my-domain.de/forum für the users. So the folder structure looks like this:

    ..
    forum
    wp-admin
    wp-content
    wp-includes

    Now I installed NF with the result that no one is able to log into the forum.

    I tried to whitelist the forum with .htninja like this:

    if ( $_SERVER["REQUEST_URI"] == https://my-domain.de/forum/index.php' ) {
   return 'ALLOW'; // whitelist
}

    This does not work. Currently I deactivated NF. Is there a solution that will work?

    Regards

Viewing 8 replies - 1 through 8 (of 8 total)
  • Plugin Author nintechnet

    (@nintechnet)

    5 years, 10 months ago

    Hi,

    $_SERVER["REQUEST_URI"] is not reliable (and cannot be trusted as well), you would need to use $_SERVER['SCRIPT_NAME'] instead with the local path to the folder.
    See this discussion: https://wordpress.org/support/topic/ignore-specific-folder/

    Thread Starter chaoti

    (@chaoti)

    5 years, 9 months ago

    Thx for your quick reply. I will try it. 🙂

    Thread Starter chaoti

    (@chaoti)

    5 years, 9 months ago

    Hello @nintechnet,

    it does not work. The .htinja file is not detected in the “NinjaFirewall > Overview” menu.

    Regards,

    Plugin Author nintechnet

    (@nintechnet)

    5 years, 9 months ago

    Check the syntax of the file: it is .htninja, not .htinja.

    Thread Starter chaoti

    (@chaoti)

    5 years, 9 months ago

    Hello @nintechnet,

    ok, I will have a look at this. Maybe it’s only a spelling mistake in my answer here….

    Sorry for my late reply. By the time there is a lot of work.

    Regards,

    Thread Starter chaoti

    (@chaoti)

    5 years, 9 months ago

    Hello @nintechnet,

    it was only a spelling mistake in my answer here…

    Regards,

    Plugin Author nintechnet

    (@nintechnet)

    5 years, 9 months ago

    Try this script:
    1. Name it htninjatest.php
    2. Upload it to your site
    3. Go to http://YOUR-SITE/htninjatest.php

    It will try to find your .htninja and if it can’t, it will give you the paths where the file should be uploaded.

    <?php
header('Content-Type: text/plain');

$found = 0;

echo "Searching for the .htninja in the document_root parent folder (". dirname( $_SERVER['DOCUMENT_ROOT'] ) ."): ";
if (! file_exists( dirname( $_SERVER['DOCUMENT_ROOT'] ) .'/.htninja' ) ) {
   echo "not found\n";
} else {
   echo "fount it!\n";
   exit;
}

echo "Searching for the .htninja in the document_root folder ({$_SERVER['DOCUMENT_ROOT']}): ";
if (! file_exists( $_SERVER['DOCUMENT_ROOT'] .'/.htninja' ) ) {
   echo "not found\n";
} else {
   echo "fount it!\n";
   exit;
}

echo "\nCannot find the .htninja. Make sure it is located in one of the following locations:\n" .
   "-{$_SERVER['DOCUMENT_ROOT']}/.htninja\n" .
   "-". dirname( $_SERVER['DOCUMENT_ROOT'] ) ."/.htninja\n";
    Thread Starter chaoti

    (@chaoti)

    5 years, 7 months ago

    Sorry, I forgot to answer, but now:

    Thx @nintechnet, it works 🙂

Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘Trying to exclude directory from Ninja Firewall’ is closed to new replies.