Title: Firewall blocking processes outside WordPress
Last modified: June 29, 2021

---

# Firewall blocking processes outside WordPress

 *  Resolved [pennymachines](https://wordpress.org/support/users/pennymachines/)
 * (@pennymachines)
 * [4 years, 11 months ago](https://wordpress.org/support/topic/firewall-blocking-processes-outside-wordpress/)
 * Hi,
    When I enabled Full WAF mode, various processes outside my multisite WordPress
   directory were affected. For example, I could no longer delete images on a phpBB
   forum. When I disabled javascript and tried again, Ninjafirewall reported: “Sorry(
   IP), your request cannot be processed. For security reasons, it was blocked and
   logged.
 * Wordpress and phpBB are installed in two separate root sub-directories.
 * It is blocking other critical processes outside WP.
 * Is this normal? Is there an easy remedy?
 * For now I’ve deactivated Ninjafirewall because, having activated Full WAF, I 
   could find no way to deactivate it.
 * I would welcome any advice. Thanks.

Viewing 5 replies - 1 through 5 (of 5 total)

 *  Thread Starter [pennymachines](https://wordpress.org/support/users/pennymachines/)
 * (@pennymachines)
 * [4 years, 11 months ago](https://wordpress.org/support/topic/firewall-blocking-processes-outside-wordpress/#post-14609234)
 * OK, having now read the manual, I’m a _little_ wiser…
    [NinjaFirewall Full WAF vs WordPress WAF mode](https://blog.nintechnet.com/full_waf-vs-wordpress_waf/)
 * I also see instructions for enabling/disabling Full WAF mode.
 * So now I need to figure out how to tame it a bit and allow some scripts external
   to WP.
    -  This reply was modified 4 years, 11 months ago by [pennymachines](https://wordpress.org/support/users/pennymachines/).
 *  Plugin Author [nintechnet](https://wordpress.org/support/users/nintechnet/)
 * (@nintechnet)
 * [4 years, 11 months ago](https://wordpress.org/support/topic/firewall-blocking-processes-outside-wordpress/#post-14612398)
 * In “Full WAF” mode, all sub-directories are under the firewall protection. If
   there’s a third-party PHP application, it’s better to disable the firewall in
   its folder.
    There are different methods to do that, but the simplest one would
   be to create a `.user.ini` file in the phpBB folder with the following content:
 *     ```
       ; BEGIN Disable NinjaFirewall for that folder
       auto_prepend_file = 
       ; END Disable NinjaFirewall for that folder
       ```
   
 * The main goal here is to override the `auto_prepend_file` directive used by the
   firewall with an empty value.
    If that doesn’t work, let me know and we’ll try
   another method.
    -  This reply was modified 4 years, 11 months ago by [nintechnet](https://wordpress.org/support/users/nintechnet/).
 *  Thread Starter [pennymachines](https://wordpress.org/support/users/pennymachines/)
 * (@pennymachines)
 * [4 years, 11 months ago](https://wordpress.org/support/topic/firewall-blocking-processes-outside-wordpress/#post-14616155)
 * Thank you so much for the advice.
    Unfortunately, that didn’t work. I think my
   host disallows over-riding server settings with .ini
 *  Plugin Author [nintechnet](https://wordpress.org/support/users/nintechnet/)
 * (@nintechnet)
 * [4 years, 11 months ago](https://wordpress.org/support/topic/firewall-blocking-processes-outside-wordpress/#post-14618974)
 * In the next version of NinjaFirewall there will be an option to manage the Full
   WAF mode and to exclude folders. But in the meantime, you can use [the .htninja script](https://blog.nintechnet.com/ninjafirewall-wp-edition-the-htninja-configuration-file/)
   to exclude it:
 *     ```
       <?php
       /*
        +===========================================================================================+
        | NinjaFirewall optional configuration file                                                 |
        |                                                                                           |
        | See: https://blog.nintechnet.com/ninjafirewall-wp-edition-the-htninja-configuration-file/ |
        +===========================================================================================+
       */
   
       if (strpos($_SERVER['SCRIPT_FILENAME'], '/phpBB/') !== FALSE) {
          return 'ALLOW';
       }
       ```
   
 * Replace `phpBB` with the phpBB folder’s name. Make sure to keep the leading and
   tailing `/` for better accuracy.
 * Upload that `.htninja` script into your document root folder, then log in to 
   WordPress, go to “NinjaFirewall > Dashboard” and make sure the firewall detected
   it:
 *  Thread Starter [pennymachines](https://wordpress.org/support/users/pennymachines/)
 * (@pennymachines)
 * [4 years, 11 months ago](https://wordpress.org/support/topic/firewall-blocking-processes-outside-wordpress/#post-14620131)
 * That’s got it!
    Thank you again for your help, and for this excellent plugin.
   Full WAF mode exclude options in the next version sounds like a good plan.

Viewing 5 replies - 1 through 5 (of 5 total)

The topic ‘Firewall blocking processes outside WordPress’ is closed to new replies.

 * ![](https://ps.w.org/ninjafirewall/assets/icon-256x256.png?rev=976137)
 * [NinjaFirewall (WP Edition) - Advanced Security Plugin and Firewall](https://wordpress.org/plugins/ninjafirewall/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/ninjafirewall/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/ninjafirewall/)
 * [Active Topics](https://wordpress.org/support/plugin/ninjafirewall/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/ninjafirewall/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/ninjafirewall/reviews/)

 * 5 replies
 * 2 participants
 * Last reply from: [pennymachines](https://wordpress.org/support/users/pennymachines/)
 * Last activity: [4 years, 11 months ago](https://wordpress.org/support/topic/firewall-blocking-processes-outside-wordpress/#post-14620131)
 * Status: resolved