Is Ninja Firewall compatible with CloudFlare CDN?

  • Hi.
    Thank you so much for this great plugin, it’s a life saver!
    I have installed it on one of my website on a Godaddy shared hosting and it’s working perfectly. I’d like to install it on one other website on the same hosting account, but as I’m using CloudFlare CDN on it I’d prefer to know if it’s ok to use Ninja Firewall with CloudFlare?
    I want you to know that the actual website on which Ninja Firewall is working now is the primary website on my Godaddy account, that means all other websites are just sub folders for the primary one, that’s why Ninja Firewall is protecting them too as I guess. Is there any problem to install Ninja Firewall on other websites too?
    Thank you so much again, and sorry for my bad English ??

    https://www.ads-software.com/plugins/ninjafirewall/

Viewing 6 replies - 1 through 6 (of 6 total)
  • Plugin Author nintechnet

    (@nintechnet)

    Hi,

    I don’t know if you could install NinjaFirewall inside subfolders, because Godaddy may only allow one php.ini per account. See this link: https://www.godaddy.com/help/what-filename-does-my-php-initialization-file-need-to-use-8913

    Regarding Cloudflare, you can use it with NinjaFirewall but you will need to use the “.htninja” user configuration file to forward the correct IP to the firewall. See this link, which contains an example of Cloudflare configuration : https://nintechnet.com/ninjafirewall/wp-edition/help/?htninja

    Thread Starter Abdelhadi Touil

    (@hadi060)

    Thanks for your fast reply.
    What I have in my Godaddy account is a primary website using WordPress, when I want to add another website with another domain name, I do it via Godaddy panel, so I link the domain to a subfolder in my account. The primary website files are in the root, but other websites are linked to subfolders.
    I’v tried to install NinjaFirewall in another website on my account, and I was surprised that it’s working without any installation process! I’v then just verify its setting and all was not default, so I’v switched them to default choices. What I want to know is if is this normal? Because I can do the same with other websites. It’s like NinjaFirewall is using the same php.ini file (it’s user.ini by the way) without adding new lines to it.
    Regarding CloudFlare, I’ll use “.htninja” user configuration file after reading your answer to my above question.
    Thank you very much.
    Sincerely.

    Plugin Author nintechnet

    (@nintechnet)

    If they all use the same php.ini, that is not a good thing because they will all use the same unique configuration and that will mess with the firewall.
    Your sites seem to be add-ons. You should temporarily rename the main ‘public_html/php.ini’ file to ‘public_html/php.ini.bak’ to disable the firewall. Then, try to install it in the sub-folders, each installation using its own php.ini. When it is done and if it works, you can rename the ‘php.ini.bak’ to ‘php.ini’ to reenable the firewall for the main site.

    If it does not work, it means you are not allowed to have more that one php.ini per account. In that case, you can have a look a this article: https://blog.nintechnet.com/installing-ninjafirewall-with-hhvm-hiphop-virtual-machine/
    Although it explains how to install NinjaFirewall with HHVM, the “Multiple-site installation” section shows how you can install several copies of it, even if you have only one ‘php.ini’. In your case, the main ‘php.ini’ would be the one in your public_html folder, and you could create a ‘route.php’ script inside the same folder.

    Thread Starter Abdelhadi Touil

    (@hadi060)

    Yes my sites are add-ons, and you are right, same unique configuration mess with the firewall, and websites becomes slow after installing the plugin on other websites.
    I’ll try your first suggestion to disable the main php.ini, but the problem here is Ninja Firewall is protecting all websites, so I think it will be a conflict whit the main website.
    I’v read your very detailed tutorial, and I think I can try it using root.php script.
    What I see is Ninja Firewall working very well from the main website, if there is a way to pass some restrictions it will be very fine:
    – Is there a way to allow administrators and editor on other websites to upload files during publishing posts? Because Ninja Firewall doesn’t allow that when upload file option is disabled from the main website.
    Thanks again, and sorry for asking a lot ??

    Plugin Author nintechnet

    (@nintechnet)

    I’ll try your first suggestion to disable the main php.ini, but the problem here is Ninja Firewall is protecting all websites, so I think it will be a conflict whit the main website.

    If you are allowed to use a php.ini (or .user.ini) inside the subfolder, there won’t be any conflicts because that INI file will override the directives of the INI file located inside the parent directory.

    Role-based access control is a feature only available in the WP+ Edition (premium). In the WP Edition, only the admin can be whitelisted.
    But with the help of the .htninja user configuration script, you could whitelist the editor’s IP for instance.

    Thread Starter Abdelhadi Touil

    (@hadi060)

    Thank you very much for you helpful answers and your precious time. I’ll make the right choice by following your suggestions.
    Keep making such very nice tools ??
    Sincerely.

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Is Ninja Firewall compatible with CloudFlare CDN?’ is closed to new replies.

Tags