A powerful Web Application Firewall to protect WordPress against web attacks.
Features | WP Edition (Free) |
WP+ Edition (Premium) |
---|---|---|
Full standalone web application firewall | ||
"Sensei v1.0" advanced firewall engine (more info) | ||
Most efficient brute-force attack protection (more info) | ||
Unix shared memory use for inter-process communication ( ? ) | ||
Multisite support | ||
HTTP response headers | ||
Response body filter (Web Filter) to scan the output of the HTML page right before it is sent to your visitors browser | ||
File uploads management | Block/allow uploads. Sanitise file names. |
Block / Allow uploads. Sanitise file names. Block dangerous files. Scan ZIP files. Limit file size. |
Possibility to prepend your own PHP code to the firewall (.htninja) | ||
Role-based Access Control | Admin only | All roles available on the blog |
IP address & AS number Access Control | ||
Rate-limiting option | ||
Country-based Access Control (Geolocation) | ||
URL Access Control | ||
User Input Access Control | ||
Bot Access Control | ||
IPv4 & IPv6 compatibility | ||
Configurable HTTP return code and message | ||
Centralized Logging to remotely access the firewall log of all your NinjaFirewall protected websites from one single installation | ||
Activity log & Statistics | View log. Widget Stats. Live Log. |
View, select, export, delete, filter, enable and disable log. Auto rotation. Widget Stats. Live Log. |
Syslog Logging (compatible with Fail2Ban) | ||
Antispam for comment and user regisration forms | ||
Real-time detection (File Guard) | ||
File integrity monitoring to scan your website (File Check) | Hourly, twicedaily, daily | Hourly, twicedaily, daily |
Event notifications | ||
Security rules update | Hourly, twicedaily, daily | Every 15mn, 30mn, hourly, twicedaily, daily |
General Data Protection Regulation (GDPR) compliance | ||
Requirements | WordPress 4.9+ PHP 7.1+ Unix-like OS only ( ? ) |
WordPress 4.9+ PHP 7.1+ Unix-like OS only ( ? ) |
Online support | WordPress Forum only | Dedicated Help Desk with priority support |
All prices are in USD, per domain and per year.
Attacker > HTTP server > PHP > NinjaFirewall > WordPress
And this is how regular WordPress security plugins work:
Attacker > HTTP server > PHP > WordPress > Security Plugin
Will NinjaFirewall detect the correct IP of my visitors if I am behind a CDN service like Cloudflare or Incapsula?
If you are using NinjaFirewall (WP+ Edition), you can modify the source IP from the "Access Control > Source IP" menu. If you are using the free NinjaFirewall (WP Edition), you can use an optional configuration file to tell the firewall which IP to use. Please follow these steps.How can I restrict access to NinjaFirewall settings and menu?
See our blog post: Restricting access to NinjaFirewall (WP Edition) settings.I moved my wp-config.php
file to another directory. Will it work with NinjaFirewall?
wp-config.php
script in the current folder or, if it cannot find it, in the parent folder.
Can I add/write my own security rules?
You can use the optional .htninja configuration file for that purpose.Can I migrate my site(s) with NinjaFirewall installed?
In order to migrate your site, follow these steps:/wp-content/nfwlog/
./wp-content/nfwlog/
folder to your new site (unless you already copied it during the blog migration).Lost password (brute-force protection)
If you cannot access your WordPress admin console because you lost the brute-force protection username and/or password:/wp-content/nfwlog/cache/bf_conf.php
script.Cannot connect to WordPress database
After installing NinjaFirewall, the firewall returns the following error message:NinjaFirewall fatal error : Cannot connect to WordPress database
Download our database test script:
wp-db.php
.https://YOUR WEBSITE/wp-db.php
Blocked visitors
Because each site is different, it is possible that the default configuration of NinjaFirewall may wrongly block some visitors. If it occurred, please consult this post: Testing NinjaFirewall without blocking your visitorsFatal error, crash or failed installation
Consult this post for help: Troubleshoot NinjaFirewall installation problems.