Setting get stucked

Hi,

Did you run the troubleshooter script ( https://nintechnet.com/share/wp-check.txt ) as indicated in the FAQ?
1. Rename this file to “wp-check.php”.
2. Upload it into your WordPress root folder.
3. Go to https://YOUR WEBSITE/wp-check.php.
4. Delete it afterwards.

Make sure you are logged in to WordPress as an admininstrator before running it.

Hi Ninja,

Ok, I guessed I am half way there? I got to this screen but User session saying

Firewall Enabled
Mode NinjaFirewall is running in WordPress WAF mode.
PHP SAPI CGI-FCGI ~ 7.0.22
Version 3.6 ~ Security rules: 2017-12-07.1
Admin user MYUSERNAME: You are whitelisted by the firewall.

User session It seems the user session was not set by the firewall script or may have been destroyed by another plugin. You may get blocked by the firewall while working from the WordPress administration dashboard.

I even deactivated ALL plugins for testing (excepted this one) and message still existed?

I didn’t touch any setting yet or should I?

Ya, I already ran the wp-check and wp-bd. But what firewall script do I need to upload, check, etc and where to get it anyway?

Please advise HELP, thanks

That looks good. If you click on “NinjaFirewall > Overview”, do you see the same warning about the user session?

Hi Ninja,

Ya, The same message remains the same and the same session giving the same info? So actually I guessed is NOT good after all?

I clicked the WordPress WAF mode. read and saying uninstall and reinstall it. Then I did the same process and put me back the same thing?

What else is missing anyway?

Please advise, steps I need to do or not do?

Thanks

• This reply was modified 6 years, 11 months ago by DamnDramaQueen.

The firewall is installed and working, but you are having issues with PHP session.
There could be several reasons, among them:
-You have a caching plugin messing with session. I would say it seems unlikely, because it shouldn’t cache your data while you are logged in to the admin dashboard.
-You logged in to “domain.com” and you are redirected to “www.domain.com” hence you cannot get the original session created for “domain.com”.
-You have another plugin messing with PHP session (e.g., it starts a new one without checking if there is one already started).
-You are using PHP <5.4 and register_globals is defined (which is not the case here, you are runnning PHP 7.0.22).
-You PHP configuration is not correct. To check your session values:
1. Create a script named test.php
2. Add this content:

<?php 
   phpinfo(); 
?>

3. Upload and run it on your site.
4. Paste here the following variables and their values:
session.cache_expire
session.gc_maxlifetime
session.use_cookies
session.save_handler
session.save_path
session.gc_probability

• This reply was modified 6 years, 11 months ago by nintechnet.

Hi Ninja,

I even tried this you given me. No info. However, I am getting a lot of alert tho which is good…

It must be some thing is causing it. To free my headache, I will have to passed this plugin.

Thanks for helping btw..

I found this info to be helpful. I had one web site that just a couple of days ago started giving me the “It seems that the user session set by NinjaFirewall was not found by the firewall script…” message when looking at the NinjaFirewall Overview page. But all my other web sites with a similar setup were working fine. Another symptom was that all media uploads were being blocked on that site (because I had NinjaFirewall set to block all uploads for non-admins).

It turned out that a plugin called “mb.miniAudioPlayer” was causing the problem. I will start a new thread on that plugin’s support page to let them know.

Thanks!

@wp_kc : The “mb.miniAudioPlayer” plugin is calling session_write_close() which closes the session not only for itself, but for all installed plugins that may use session as well: https://plugins.trac.www.ads-software.com/browser/wp-miniaudioplayer/tags/1.8.9/miniAudioPlayer.php#L285

Comment out line 286 and it should solve your issue.

Yup. The developer released the fix a few hours ago. Fast service!