I had a look at your 3 star review by MrBrian.
Could not understand regarding mod_security and other issues he had raised.
Since there was no reply to his review I thought I enquire with you on the aforesaid.
Easy to use and secure! Recommended plugin.
I had a false positive a short time ago. A previous reviewer noted this as a big reason they abandoned this plugin. However, my experience was very positive. I contacted support and explained my problem. They added a fix to the security rule system and included it in the next rules update (which was later that same day). Problem solved.
Love this plugin.
NinjaFirewall is a very efficient WAF, simple to use, and also very light weight: there is no feeling of slowness on the site protected by the tool.
I greatly recommend it!
Die Güte der Abwehr kann icht natürlich nach wenigen Tagen nicht beurteilen. Aber die Performance ist überwältigend. Der Test mehrerer Friewalls unter https://developers.google.com/speed/pagespeed/insights/ergab bei meinem System den Verlust von 10 bis 20 Prozentpunkten, und Google mecktert, der Server sei zu langsam. Ninja Firewall braucht nur 3 Prozentpunkte, und der server bleibt schnell.
The support was very fast and helpful.
I can't judge the quality of the protection.
Watching this plugin do its thing is the stuff of nightmares lol..
Amazing job on this! I had to unhack a few things last week but they were fully rooted, firing off emails, had about 1000 html landing pages and so on.
This plugin stops that dead in its tracks. Its also really useful for finding other compromised files you may have missed by checking the traffic log.
It also has an amazingly low footprint, even on shared hosting.
Really, very well done.
While NinjaFirewall definitely has a lot going for it with it's speed and extensive firewall rules, it may cause issues with your site - whether you realize it or not.
This plugin is basically like mod_security and shouldn't be compared to other security plugins like Wordfence. It's firewall rules are often 'too secure' and you'll find the support forum littered with people complaining about false positives. I ran into multiple issues with some as simple as copy and pasting HTML code into my post that it thought were malicious (detected a comparison operator i POST request? come on). Personally, after about the 10th random issue over 5 months of using this plugin on different sites.. I finally had to toss it out the window.
The last straw was I started doing backups with VaultPress and saw the firewall log filling with "critical" entries, basically blocking some of the backup operations. With no way to whitelist by IP, request URI, or even an option to never block requests from logged in users - you're sh*t out of luck.
And good luck reading the firewall log because it's a mess. I really have to scroll all the way down to see the latest log entries? No way to filter out the pointless "allowed uploads" or constant repeating "suspicious bots/scanners" entries? A different log for each day? No thanks.
Excelent firewall. Read documentation for a good configuration.
If you are getting people trying to hack you or getting your CPU mullered by bots and other programs then this plugin is the solution. It is seamless to install (no problems at all), it communicates what it is doing and the support on the forum if fantastic (even the free version). Stop being afraid that your server is going to be DDOSed while you sleep and install this!
You must log in to submit a review. You can also log in or register using the form near the top of this page.