Title: Allow script to run
Last modified: November 3, 2021

---

# Allow script to run

 *  Resolved [dimsal](https://wordpress.org/support/users/dimsal/)
 * (@dimsal)
 * [4 years, 7 months ago](https://wordpress.org/support/topic/allow-script-to-run/)
 * Hi,
 * How can I allow a certain php script to run inside wp-content folder? It’s a 
   thumbnail creation php script and I need to run it for a couple of times.
 * I used this page as a reference: [https://blog.nintechnet.com/ninjafirewall-wp-edition-the-htninja-configuration-file/](https://blog.nintechnet.com/ninjafirewall-wp-edition-the-htninja-configuration-file/)
 * I tried both this solution:
 *     ```
       if (strpos($_SERVER['SCRIPT_FILENAME'], '/foo/bar/') !== FALSE) {
          return 'ALLOW';
       }
       ```
   
 * and this:
 *     ```
       if (strpos($_SERVER['SCRIPT_NAME'], 'script.php') !== FALSE ) {
          return 'ALLOW';
       }
       ```
   
 * but none of these worked. What am I doing wrong?
 * Could you give some tips?
 * Thank you.

Viewing 6 replies - 1 through 6 (of 6 total)

 *  Plugin Author [nintechnet](https://wordpress.org/support/users/nintechnet/)
 * (@nintechnet)
 * [4 years, 7 months ago](https://wordpress.org/support/topic/allow-script-to-run/#post-15033685)
 * The syntax is correct and it worked when I tested it. Did you check in the “NinjaFirewall
   > Dashboard” page if the .htninja script is loaded by the firewall?
 *  Thread Starter [dimsal](https://wordpress.org/support/users/dimsal/)
 * (@dimsal)
 * [4 years, 7 months ago](https://wordpress.org/support/topic/allow-script-to-run/#post-15034931)
 * Yes, the .htninja file is loaded by the firewall.
 * One other weird thing is in Advanced tab of Firewall Policies I have **Set Content-
   Security-Policy for the website frontend** enabled and the rules are not getting
   updated. I’ve added new rules but the browser’s Developer Console still shows
   old outdated version of the rules. I checked all the caching, etc. and can’t 
   find the reason why would it show the old version. Any ideas what else to check?
 *  Plugin Author [nintechnet](https://wordpress.org/support/users/nintechnet/)
 * (@nintechnet)
 * [4 years, 7 months ago](https://wordpress.org/support/topic/allow-script-to-run/#post-15038691)
 * Can you run the troubleshooter script and paste the results here: [https://nintechnet.com/share/wp-check.txt](https://nintechnet.com/share/wp-check.txt)
   
   1. Rename it to “wp-check.php”. 2. Upload it into your WordPress root folder.
   3. Go to [http://YOUR](http://YOUR) WEBSITE/wp-check.php 4. Delete it afterwards.
 *  Thread Starter [dimsal](https://wordpress.org/support/users/dimsal/)
 * (@dimsal)
 * [4 years, 7 months ago](https://wordpress.org/support/topic/allow-script-to-run/#post-15039622)
 * Here’s the result:
 *     ```
       NinjaFirewall (WP edition) troubleshooter
       HTTP server	: nginx/1.19.3
       PHP version	: 7.4.24
       PHP SAPI	: FPM-FCGI
   
       auto_prepend_file : /home/******/webapps/my-dev-site/wp-content/nfwlog/ninjafirewall.php
       Loader's path to firewall : /home/******/webapps/my-dev-site/wp-content/plugins/ninjafirewall/lib/firewall.php
       wp-config.php :	found in /home/******/webapps/my-dev-site/wp-config.php
       NinjaFirewall detection	: NinjaFirewall WP Edition is loaded (Full WAF mode)
   
       Loaded INI file	: /etc/php74rc/php.ini
       user_ini.filename : .user.ini
       user_ini.cache_ttl : 300 seconds
       User PHP INI : .user.ini found -
   
       DOCUMENT_ROOT : /home/******/webapps/my-dev-site
       ABSPATH	: /home/******/webapps/my-dev-site/
       WordPress version :	5.8.1
       WP_CONTENT_DIR	: /home/******/webapps/my-dev-site/wp-content
       Plugins directory :	/home/******/webapps/my-dev-site/wp-content/plugins
       User Role : Administrator
       User Capabilities :	manage_options: OK - unfiltered_html: OK
       Log dir permissions	: /home/******/webapps/my-dev-site/wp-content/nfwlog dir is writable
       Cache dir permissions :	/home/******/webapps/my-dev-site/wp-content/nfwlog/cache dir is writable
   
       NinjaFirewall (WP edition) troubleshooter v1.9.4
       ```
   
    -  This reply was modified 4 years, 7 months ago by [dimsal](https://wordpress.org/support/users/dimsal/).
 *  Thread Starter [dimsal](https://wordpress.org/support/users/dimsal/)
 * (@dimsal)
 * [4 years, 7 months ago](https://wordpress.org/support/topic/allow-script-to-run/#post-15040137)
 * Never mind, found the issue. I misconfigured the .htninja file — put a similar
   looking but different domain hence both issues. Now all resolved.
 *  Thread Starter [dimsal](https://wordpress.org/support/users/dimsal/)
 * (@dimsal)
 * [4 years, 7 months ago](https://wordpress.org/support/topic/allow-script-to-run/#post-15040143)
 * Ticket is resolved.

Viewing 6 replies - 1 through 6 (of 6 total)

The topic ‘Allow script to run’ is closed to new replies.

 * ![](https://ps.w.org/ninjafirewall/assets/icon-256x256.png?rev=976137)
 * [NinjaFirewall (WP Edition) - Advanced Security Plugin and Firewall](https://wordpress.org/plugins/ninjafirewall/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/ninjafirewall/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/ninjafirewall/)
 * [Active Topics](https://wordpress.org/support/plugin/ninjafirewall/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/ninjafirewall/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/ninjafirewall/reviews/)

 * 6 replies
 * 2 participants
 * Last reply from: [dimsal](https://wordpress.org/support/users/dimsal/)
 * Last activity: [4 years, 7 months ago](https://wordpress.org/support/topic/allow-script-to-run/#post-15040143)
 * Status: resolved