Hi,
If your site is down, open/edit your PHP INI file and/or .htaccess and remove all instructions added by the firewall (they were displayed to you during the setup process). Those instructions start with BEGIN NinjaFirewall and end with END NinjaFirewall.
If you get a 500 Internal error, could you check your HTTP error log? That would give us the reason why your server crashed.
Hello,
I have exactly the same problem. 500 internal server error. First i put an backup back, still the problem exists. Then did what you replied above and got rid of the begin ninjafirewall and in between and end ninja firewall files in php ini file and htaccess. Now the website is still gone and we get a white screen. How can i resolve this big problem?
Hi,
NinjaFirewall makes a backup of the PHP INI and .htaccess it needs to modify. Those files are named “.htaccess.ninjaxxxxxxxxxx”, “php.ini.ninjaxxxxxxxxxx” etc, where “x” is a 10-digit number.
Can you see them? Can you restore them to replace the ones you manually edited?
OK, I apparently undid the damage as you directed below.
I have access to my site again and to the Ninja Firewall configuration.
On that page you suggest looking for configuration/installation help on your site.
When I go there (http://ninjafirewall.com/wordpress/help.php) it says:
“If you need help, click on the contextual Help menu located in the upper right corner of each page :”
There you lose me. There is no such menu anywhere on the page.
Next to “Select your HTTP server and your PHP server API (SAPI)” there is the drop-down menu that got me into trouble.
I had selected the default: “Apache + GGI/FastCGI(recommended)” – whatever the hall that means – and irreversibly lost access to the site.
Next to that it there is a link to “view PHPinfo” I’m guessing that the gobbledy-gook that that link displays will somehow help me to
make the right choice in that drop down menu. I could copy that stuff here but I fear that publishing that stuff might compromize my site.
I guessed at a different selection from the drop-down:Other webserver + CGI/FastCGI and tried that. The site did not crash, but it still failed to load the firewall.
My WP dashboard has the message: “NinjaFirewall fatal error : Unable to communicate with the firewall. Please check your PHP INI settings. Review your installation, your site is not protected.”
My PHI INI file reads:
; BEGIN NinjaFirewall
auto_prepend_file = /home4/bdmclean/public_html/dentistrywithoutmercury.com/wp-content/plugins/ninjafirewall/lib/firewall.php
; END NinjaFirewall
My .htaccess access file contains no mention of NinjaFirewall
Before the attempted installation of NinjaFirewall, my WP site had NO FILE containing .ini (according to a backup of my site)
It seems to be working, but your PHP INI is not recursive (does not apply to subfolders):
Try to access: http://dentistrywithoutmercury.com/wp-config.php
You will be blocked. But that does not work in subfolders: http://dentistrywithoutmercury.com/wp-content/plugins/index.php
In addition, your server seems to be using Modsecurity firewall.
Maybe you also have suPHP enabled which could explain the crash and the recursion problem.
Can you try this:
1. open (or create) the .htaccess file in the /home4/bdmclean/public_html/dentistrywithoutmercury.com folder.
2. add those lines to it:
# BEGIN NinjaFirewall
<IfModule mod_suphp.c>
suPHP_ConfigPath /home4/bdmclean/public_html/dentistrywithoutmercury.com
</IfModule>
# END NinjaFirewall
3. log in to WP admin console and check if the firewall is working
Hi,
I looked for the file: php.ini.ninjaxxxxxxxxxx. It is not there. Only the php.ini file. The “.htaccess.ninjaxxxxxxxxxx file is there, both in the wp_content. The “.htaccess.ninjaxxxxxxxxxx file seems just to be a copy of the normal .htaccess file and nothing else.
I did put back the: BEGIN NinjaFirewall and end with END NinjaFirewall rules in the php.ini file and .htaccess file, then get a 500 server error again.
Also tried to rename the plugin through ftp, also not working, errors again… on line… etc.
Checked the error log at my hosting, it says this:
[Thu Dec 04 12:19:21 2014] [alert] [client xx.xxx.xxx.xxx] /home/xxx/public_html/xxxxxxx/.htaccess: Invalid command ‘php_value’, perhaps misspelled or defined by a module not included in the server configuration
Is there otherwise a way to remove the files manually?
Can you please help me out here, this site has to be up and running asap.
How do I check if the firewall is working? The test firewall button appears on the page AFTER the configuration page. Do I go through the configuration process again?. If so, what choices should I make from the drop-down menu?
In the WP dashboard, the warning “NinjaFirewall fatal error : Unable to communicate with the firewall. Please check your PHP INI settings. Review your installation, your site is not protected.” still appears.
And i looked everywhere for this php.ini.ninjaxxxxxxxxxx file. Can’t find it in wp_content, wp_includes, not in the nfwlog, not in the plugins/ninjafirewall section. It’s nowhere to be found.
@draak: as you can see in the log, the file named /home/xxx/public_html/xxxxxxx/.htaccess has a “php_value” instruction which should be removed. Can you see it in the file? You can send me the .htaccess file to contact(at)nintechnet.com. Attach the file to your email and put “draak WP forum” in the subject.
Regarding php.ini, you do not seem to have any, you can ignore it.
@bdmclean: you do not need to go through the installation process again. That is fine.
You only need now to solve the php.ini recursion issue. As long as it is not fixed, you will see the firewall red warning in your WP dashboard.
Hi,
Did sent it to you, thanks.
What exactly is “the php.ini recursion issue?”
I surmise from a previous comment that “recursion” (applying to sub-folders?) is NOT occurring.
How do I go about fixing it?
I’m not sure why, but all seems to be working now.
Thanks for your help!!
That’s a good news. It seems you have a rather picky PHP/server config!
Now another question. My dentistrywithoutmerury.com site is one of several hosted under my main hosting account. Do I install NinjaFirewall on each site?
