NinjaFirewall Login protection problem

You have two options:

1. Delete your browser’s cookies. That may be the problem.
2. Or : connect to your site over FTP and delete the wp-content/nfwlog/cache/bf_conf.php file. That will reset the login protection.

Then, log in and go to NinjaFirewall > Dashboard and check if you see any error or warning about PHP sessions.

Thank you, problem solved!

Now I see the following error message (see also the screenshots):

?It seems that the user session set by NinjaFirewall was not found by the firewall script.”

Can you please tell me what the problem is and how I can fix it so I can use the Captcha plugin?

You’re having issue with PHP sessions. If that your own server or a shared web hosting plan?
Download this script: https://nintechnet.com/share/wp-session.txt
1. Rename it to “wp-session.php”.
2. Upload it into your WordPress root folder.
3. Go to https://YOUR WEBSITE/wp-session.php
4. Delete it afterwards.

Paste the results here.

Hello,
I use my own server at Deutsche Telekom.

Unfortunately I can’t download the script – I get this error message:
“404 – Page not found”

To 2.:
I do this on the FTP server, right?

Yes, upload it over FTP.
Here it is:

<?php
header('Content-type: text/plain');

if (session_status() === PHP_SESSION_ACTIVE) {
	echo "Session already active.\n";
} else {
	echo "Starting a session..\n";
	session_start();
}

$foo = rand(100000, 999999);
echo "Writing $foo to session\n";
$_SESSION['session_test'] = $foo;

echo "Closing session.\n";
session_write_close();

$res = $_SESSION['session_test'];
echo "Session value: $res\n";

session_start();
unset( $_SESSION['session_test'] );

Thanks for the script.

Unfortunately, I am quite inexperienced with such actions, so please allow these questions:

1. The previous instruction said I should rename it to “wp-session.php”, how do I do that?
2. Upload WP Rootfolder: Is this the folder “/home/www/public_html/wordpress”?
3. The website url is https://somaticyoga-bochum.de
   This page cannot be found https://somaticyoga-bochum.de/wp-session.php4

That really depends on your website structure, I can’t tell you the paths.

Instead, you can try this:

1. Go to the “Plugins” page.
2. Click “Add new plugin”.
3. In the search box, enter “wpterm”.
4. Install the “WPTerm” plugin that appears in the list (or download it from here: https://www.ads-software.com/plugins/wpterm/)
5. Activate it.
6. Go to “Tools > WP Term”.
7. Enter this command:
   wget https://nintechnet.com/share/wp-session.txt -O wp-session.php
8. If you see “OK …wp-session.php saved”, then go to https://your-website/wp-session.php
9. Uninstall WPTerm.

• This reply was modified 8 months, 1 week ago by nintechnet.

Thanks,
after I went to ?https://your-website/wp-session.php it showed this:

”Starting a session.. Writing 951699 to session Closing session. Session value: 951699”

What do I have to do now?

(I deinstalled WP term).

PHP sessions are working. You may have another plugins that destroys the session though. If you click on WordPress > Tools > Site Health, do you see any warning or error about PHP session ?

Site Health is “good”, but…

The website health test shows information about WordPress configuration and elements…

· Inactive plugins should be removed

· Inactive themes should be removed

· You should use a persistent object cache

· The authorization header is missing

· Page cache not detected, but server response time is OK

It’s okay.
It looks like you may have another installed plugin that is destroying the session. You can try to follow this post: https://blog.nintechnet.com/ninjafirewall-php-sessions-debugging/
Add the NFW_SESSION_DEBUG_USER constant with your login name to the wp-config.php.

OK,
after I deactivated all plugins except NinjaFirwall WP Edition the problem still occurs.
Since English is not my native language and I am not a coding expert, I will give up on finding a solution and will no longer use NinjaFirwall as a plugin to move forward and will have to look for an alternative.

Thank you for your effort.