|NinTechNet : NinjaFirewall (WP edition) v1.1.3|
Version 1.1.3 introduces an optional NinjaFirewall configuration file that can be used to overwrite some of the firewall hard-coded variables, for instance, to tell NinjaFirewall where is located your WordPress configuration file,
This file must be named
NinjaFirewall package contains a sample file, named
It is a regular PHP file. Note that it does not contain a PHP closing tag (
wp-config.phpIf you want NinjaFirewall to use a specific
You can check if the file was detected from your WordPress admin console, in the "NinjaFirewall > Overview" menu :
You can add/modify server variables in the
Users of the Incapsula CDN service should use the
Users of NinjaFirewall (WP+ Edition) can perform the same task from the "Access Control > Source IP" menu option rather than using the .htninja file.
ALLOW / BLOCK
From v1.1.8, it is possible to use NinjaFirewall special return values
This is the fastest way to allow or block a request because it will be processed before WordPress is loaded and even before NinjaFirewall loads its own configuration. Note that, for this reason, the firewall will not write the event to its log.
For instance, we ask the firewall to allow IP 220.127.116.11 :
Allow IPs 18.104.22.168, 22.214.171.124 and 126.96.36.199 :
Allow all IPs from 188.8.131.52 to 184.108.40.206 :
To reject, use the
To allow any access to a PHP script located inside the
Users of NinjaFirewall (WP+ Edition) can whitelist or blacklist IPs from the "Access Control > IP Access Control" menu option rather than using the .htninja file.
Rev.: 1.01 2014-02-12 : added Cloudflare example.
Rev.: 1.02 2014-03-07 : added ALLOW and BLOCK example.
Rev.: 1.03 2014-03-23 : added Incapsula example.
Rev.: 1.04 2014-03-30 : added information about the WP+ Edition.