Posted a reply to Full WAF mode turning off by itself, on the site WordPress.org Forums:
Next time the Full WAF mode is deactivated, download the file over FTP and check…

Posted a reply to “Alert: File Guard detection”, on the site WordPress.org Forums:
Nothing to worry about, as there was a core update, the alert was triggered by…

Posted a reply to Full WAF mode turning off by itself, on the site WordPress.org Forums:
Click on the "Activate Full WAF mode" button and, after configuring it, select "I want…

Posted a reply to Google Recaptcha blocked, on the site WordPress.org Forums:
Maybe you should remove the semicolon: https://prnt.sc/Qzr_0_tgdBY7

Posted a reply to Full WAF mode turning off by itself, on the site WordPress.org Forums:
Which file has a firewall directive: .htaccess, php.ini or .user.ini ?Did you check it to…

Posted a reply to Unable to activate Full WAF Mode, on the site WordPress.org Forums:
By default, LiteSpeed requires that the PHP directives be added to a .htaccess. If that…

Posted a reply to Google Recaptcha blocked, on the site WordPress.org Forums:
If you enable "Content-Security-Policy", you need to configure them according to your site. There's no…

Posted a reply to [NSFW] My users are getting blocked, on the site WordPress.org Forums:
If there's nothing in the log, it could be due to an "HTTP response headers"…

Posted a reply to [NSFW] My users are getting blocked, on the site WordPress.org Forums:
Try to access the page as a user, then log in to WordPress as an…

Posted a reply to Unable to activate Full WAF Mode, on the site WordPress.org Forums:
I can't find many info about Impreza host using PHP INI with but I found…

Posted a reply to [NSFW] My users are getting blocked, on the site WordPress.org Forums:
Please post a screenshot or the firewall log (NinjaFirewall > Logs).

Posted a reply to How to block IP address, on the site WordPress.org Forums:
It can't be blocked. NinjaFirewall can take two actions: block or sanitize. The latter is…

Posted a reply to Unable to activate Full WAF Mode, on the site WordPress.org Forums:
May I know the name of your webhost? Some hosts require specific actions to be…

Posted a reply to Unknown file, should I keep it or delete ?, on the site WordPress.org Forums:
It is safe. The rules block direct access to a .php script inside the /wp-content/…

Posted a reply to export configuration : can’t download, on the site WordPress.org Forums:
The backup files are different, you can't reimport them from the dashboard. You can reupload…

Posted a reply to block api, on the site WordPress.org Forums:
You could disable the "Firewall Policies > WordPress REST API > Block any access to…

Posted a reply to export configuration : can’t download, on the site WordPress.org Forums:
You can download them over FTP, they are all "wp-content/nfwlog/cache/backup_xxxxxx.php" files.

Posted a reply to block api, on the site WordPress.org Forums:
Can you paste here the firewall's log line that shows why Rankmath was blocked?

Posted a reply to export configuration : can’t download, on the site WordPress.org Forums:
Try to edit the code to save the file to disk instead.Comment out these 4…

Posted a reply to export configuration : can’t download, on the site WordPress.org Forums:
Do you have a security application, either on your server or maybe your desktop computer…

Posted a reply to NinjaScanner stalls on step 5, on the site WordPress.org Forums:
Maybe click on the "Console" tab in the browser's console, I think it should display…

Posted a reply to exclude plugin, on the site WordPress.org Forums:
<?php // Users of Cloudflare CDN: if (! empty($_SERVER["HTTP_CF_CONNECTING_IP"]) && filter_var($_SERVER["HTTP_CF_CONNECTING_IP"],FILTER_VALIDATE_IP)) { $_SERVER["REMOTE_ADDR"] = $_SERVER["HTTP_CF_CONNECTING_IP"];…

Posted a reply to NinjaScanner stalls on step 5, on the site WordPress.org Forums:
The scanner sends AJAX requests and expects a JSON-encoded response for each of them. It…

Posted a reply to exclude plugin, on the site WordPress.org Forums:
Do you see any error message?

Posted a reply to exclude plugin, on the site WordPress.org Forums:
Add the code to the .htninja script, it works on Litespeed, Apache and Nginx.

Posted a reply to exclude plugin, on the site WordPress.org Forums:
In the free version, there's no whitelist, but can can still use the .htninja script…

Posted a reply to Using the “Captcha”-like page before WP Login for one other page possible?, on the site WordPress.org Forums:
It only works with the wp-login.php script, I'm afraid.

Posted a reply to Full-WAF and HTTP-Auth, on the site WordPress.org Forums:
Can you check the HTTP and also the PHP error log to see if there's…

Posted a reply to Privilege escalation issue, on the site WordPress.org Forums:
I can't reproduce the problem. Whether the user has Subscriber + Editor role or Editor…

Posted a reply to User enumeration scan under DEBUG_ON, on the site WordPress.org Forums:
When the debug mode is enabled, nothing is blocked: the two user enumeration scans were…

Posted a reply to Login issue – Google reCAPTCHA failed. Is it should be related to the settings, on the site WordPress.org Forums:
Disabling the "Sanitise HTTP_REFERER" is better for you (according to your logs), even if it…

Posted a reply to Login issue – Google reCAPTCHA failed. Is it should be related to the settings, on the site WordPress.org Forums:
I can't reproduce the problem. I tested both plugins together with NinjaFirewall running in either…

Posted a reply to Login issue – Google reCAPTCHA failed. Is it should be related to the settings, on the site WordPress.org Forums:
Have you try to only disable the login protection option, but keep the firewall activated?You…

Posted a reply to Login issue – Google reCAPTCHA failed. Is it should be related to the settings, on the site WordPress.org Forums:
There's nothing in the log that seems related to your issue. However, according to what…

Posted a reply to Login issue – Google reCAPTCHA failed. Is it should be related to the settings, on the site WordPress.org Forums:
I don't think the login protection is the issue.Did you check the firewall's log if…

Posted a reply to Missing Lock File | Scan does not finish, on the site WordPress.org Forums:
That seems to be the problem: It looks like your server timed out before the…

Posted a reply to Missing Lock File | Scan does not finish, on the site WordPress.org Forums:
It is unlikely related to your PHP version because NinjaScanner was tested with PHP 8.2.…

Posted a reply to Missing Lock File | Scan does not finish, on the site WordPress.org Forums:
Maybe there's a memory or timeout issue. Can you enable debugging in WordPress and see…

Posted a reply to Oxygen Builder wont load correctly, on the site WordPress.org Forums:
Open your browser's console (CTRL + Shift + J) and paste here the message that…

Posted a reply to Scan results, on the site WordPress.org Forums:
Maybe there's another application installed on your server (by your host, such as ModSecurity) that…

Posted a reply to emails File Guard detection could not be delivered, on the site WordPress.org Forums:
This is your hostname. Check with your hosting panel if you can change it to…

Posted a reply to emails File Guard detection could not be delivered, on the site WordPress.org Forums:
File Guard works before WordPress loads, hence it can't use your blog configuration. You can…

Posted a reply to Request cannot be processsed, on the site WordPress.org Forums:
You'd need to use the panel search feature to scan those files for the session_start…

Posted a reply to More options for Force Http only flag?, on the site WordPress.org Forums:
It's not possible to exclude one or more cookies in the WP and WP+ Edition.…

Posted a reply to Request cannot be processsed, on the site WordPress.org Forums:
Can you scan the wp-content/plugins and wp-content/themes folder for session_start in all PHP files? I…

Posted a reply to Request cannot be processsed, on the site WordPress.org Forums:
That's not normal: if you're the admin, whatever you do is whitelisted. Maybe you have…

Posted a reply to Request cannot be processsed, on the site WordPress.org Forums:
It is very unusual to be blocked by that firewall policy. In most cases, the…

Posted a reply to Request cannot be processsed, on the site WordPress.org Forums:
Go to the "Firewall Policies" page, click the "Intermediate Policies" tab, scroll down to "Block…