Table Of Content Plus For AMP GPL Overview:
NinjaFirewall (WP Edition) is a true Web Application Firewall. Although it can be installed and configured just like a plugin, it is a stand-alone firewall that stands in front of WordPress.
It allows any blog administrator to benefit from very advanced and powerful security features that usually aren’t available at the WordPress level, but only in security applications such as the Apache ModSecurity module or the PHP Suhosin extension.
NinjaFirewall requires at least PHP 5.6, MySQLi extension and is only compatible with Unix-like OS (Linux, BSD). It is not compatible with Microsoft Windows.
NinjaFirewall can hook, scan, sanitise or reject any HTTP/HTTPS request sent to a PHP script before it reaches WordPress or any of its plugins. All scripts located inside the blog installation directories and sub-directories will be protected, including those that aren’t part of the WordPress package. Even encoded PHP scripts, hackers’ shell scripts and backdoors will be filtered by NinjaFirewall.
POWERFUL FILTERING ENGINE
NinjaFirewall includes the most powerful filtering engine available in a WordPress plugin. Its most important feature is its ability to normalize and transform data from incoming HTTP requests which allows it to detect Web Application Firewall evasion techniques and obfuscation tactics used by hackers, as well as to support and decode a large set of encodings. See our blog for a full description: An introduction to NinjaFirewall filtering engine.
FASTEST AND MOST EFFICIENT BRUTE-FORCE ATTACK PROTECTION FOR WORDPRESS
By processing incoming HTTP requests before your blog and any of its plugins, NinjaFirewall is the only plugin for WordPress able to protect it against very large brute-force attacks, including distributed attacks coming from several thousands of different IPs.
See our benchmarks and stress tests: Brute-force attack detection plugins comparison
The protection applies to the
wp-login.php script but can be extended to the
xmlrpc.php one. The incident can also be written to the server
AUTH log, which can be useful to the system administrator for monitoring purposes or banning IPs at the server level (e.g., Fail2ban).
File Guard real-time detection is a totally unique feature provided by NinjaFirewall: it can detect, in real-time, any access to a PHP file that was recently modified or created, and alert you about this. If a hacker uploaded a shell script to your site (or injected a backdoor into an already existing file) and tried to directly access that file using his browser or a script, NinjaFirewall would hook the HTTP request and immediately detect that the file was recently modified or created. It would send you an alert with all details (script name, IP, request, date and time).
FILE INTEGRITY MONITORING
File Check lets you perform file integrity monitoring by scanning your website hourly, twice daily or daily. Any modification made to a file will be detected: file content, file permissions, file ownership, timestamp as well as file creation and deletion.
NEED MORE SECURITY ?
Check out our new supercharged edition: NinjaFirewall WP+ Edition
- Unix shared memory used for inter-process communication and blazing fast performances.
- IP-based Access Control.
- Role-based Access Control.
- Country-based Access Control via geolocation.
- URL-based Access Control.
- Bot-based Access Control.
- Centralized Logging.
- Antispam for comment and user registration forms.
- Rate limiting option to block aggressive bots, crawlers, web scrapers and HTTP attacks.
- Response body filter to scan the output of the HTML page right before it is sent to your visitor’s browser.
- Better File uploads management.
- Better log management.
- Syslog logging.
Learn more about the WP+ Edition unique features. Compare the WP and WP+ Editions.