• Resolved gabier2

    (@gabier2)


    I have 2 sites, both of them are WordPress sites, and both have Ninja Firewall installed. I am quite pleased with Ninja Firewall's features.
    My problem is that one of them is running Ninja Firewall with full WAF enabled, and the other one cannot have it enabled. The option’s button is not enabled and clicking on it has no effect.
    This one does not work : https://www.jfgalerie.fr
    This one works : https://www.chomage-et-monnaie.org
    Both sites are hosted by the same ISP (OVH) and they have the same basic features apparently. There must be something different, though, and I wish to find out what this difference is that creates the problem.
    What should be checked and how? The plugin page warns that to get full WAF working, “Server must allow the use of auto_prepend_file PHP directive.”
    OK but how do I check that? In both sites I have set the PHP level at 5.5, although the ISP allows for 7.3.

    gabier

  • Plugin Author nintechnet

    (@nintechnet)

    Do you mean that there is the “Activate Full WAF mode” button, but it cannot be clicked (or it is disabled)?

    Try the troubleshooter script: https://nintechnet.com/share/wp-check.txt
    Upload it to the site where you cannot enable the “Full WAF” mode and paste the results here.

    Thread Starter gabier2

    (@gabier2)

    Yes nintechnet, the button looks OK and can be clicked, but nothing happens.
    Here is the result of the script

    NNinjaFirewall (WP edition) troubleshooter
    HTTP server : Apache
    PHP version : 7.2.31
    PHP SAPI : CGI-FCGI

    auto_prepend_file : none
    wp-config.php : found in /home/jfgaleri/www/wp-config.php
    NinjaFirewall detection : NinjaFirewall WP Edition is loaded (WordPress WAF mode)

    Loaded INI file : /usr/local/php-config/7.2/php-cgi.ini
    user_ini.filename : .user.ini
    user_ini.cache_ttl : 300 seconds
    User PHP INI : none found

    DOCUMENT_ROOT : /home/jfgaleri/www
    ABSPATH : /home/jfgaleri/www/
    WordPress version : 5.5
    WP_CONTENT_DIR : /home/jfgaleri/www/wp-content
    Plugins directory : /home/jfgaleri/www/wp-content/plugins
    User Role : Administrator
    User Capabilities : manage_options: OK – unfiltered_html: OK
    Log dir permissions : /home/jfgaleri/www/wp-content/nfwlog dir is writable
    Cache dir permissions : /home/jfgaleri/www/wp-content/nfwlog/cache dir is writable

    NinjaFirewall (WP edition) troubleshooter v1.9.1

    gabier
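    An added example, not part of the thread and not NinjaFirewall code: one way to read the fields of the troubleshooter report above that bear on `auto_prepend_file`. `REPORT` is a constructed sample made of lines from that paste, and `parse_report` and `diagnose` are hypothetical helper names.

```python
import re

# Constructed sample: the lines of the pasted report that bear on Full WAF mode.
REPORT = """\
PHP SAPI : CGI-FCGI
auto_prepend_file : none
NinjaFirewall detection : NinjaFirewall WP Edition is loaded (WordPress WAF mode)
user_ini.filename : .user.ini
user_ini.cache_ttl : 300 seconds
User PHP INI : none found
"""

def parse_report(text):
    """Split 'key : value' lines into a dict; only the first ' : ' separates."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(" : ")
        if sep:
            fields[key.strip()] = value.strip()
    return fields

def diagnose(fields):
    """Derive what the report says about loading the firewall via auto_prepend_file."""
    sapi = fields.get("PHP SAPI", "").lower()
    prepend = fields.get("auto_prepend_file", "none").lower()
    ttl = re.match(r"\d+", fields.get("user_ini.cache_ttl", ""))
    # PHP reads per-directory INI files only under the CGI/FastCGI SAPIs,
    # and an empty user_ini.filename switches the feature off.
    supported = "cgi" in sapi and bool(fields.get("user_ini.filename"))
    return {
        # "none" means no script is prepended, so the firewall is loaded
        # by WordPress itself rather than before it.
        "full_waf_active": prepend not in ("", "none"),
        "user_ini_supported": supported,
        "user_ini_present": fields.get("User PHP INI", "none found") != "none found",
        # PHP caches .user.ini, so an edit can take up to cache_ttl seconds to apply.
        "max_wait_seconds": int(ttl.group()) if supported and ttl else None,
    }

if __name__ == "__main__":
    for name, value in diagnose(parse_report(REPORT)).items():
        print(f"{name}: {value}")
```

    For the report above this gives: Full WAF not active, `.user.ini` supported by the SAPI but not present, and up to 300 seconds before a new `.user.ini` is picked up.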

    Plugin Author nintechnet

    (@nintechnet)

    Open your browser’s console (CTRL + shift + j) and click on the “Full WAF” button. Do you see any error in the console?
    It looks like you have a plugin or a theme that is messing with the JS or CSS code.

    Thread Starter gabier2

    (@gabier2)

    I did that but nothing appeared in the console when I clicked on the “Activate the Full WAF Mode” button in the Ninja Dashboard page.
    I have not inserted any JS code in this site. As for the CSS, what do you mean by “messing with the CSS code”?
    gabier2

    Plugin Author nintechnet

    (@nintechnet)

    It uses WordPress thickbox to display the pop-up box. I’ve once seen a plugin that was causing an issue with thickbox.
    Can you try to disable your plugins one by one and check if the button works?

    Hello Nintechnet,
    I did disable plugins one by one as you suggested. It did not change anything until the last one. When I disabled the last one (WP All import Pro), the Ninja button “Activate full WAF” did work, and the page with full WAF options appeared. But when I clicked on “End” (“Finaliser” in French), an error message popped up: “Erreur: NinjaFirewall est désactivé” (NinjaFirewall is deactivated) and I cannot go further.
    This is not true indeed because I cannot access the Ninja dashboard if it is not activated.
    What next?
    gabier

    Plugin Author nintechnet

    (@nintechnet)

    There is a JS error in the “WP All import” plugin. You can see it in the browser console, when you click on any menu or pages in the WordPress admin backend:

    It breaks the “click” event used for the button.
    You would need to contact the developer so that they can fix it.

    If you have a problem finishing the installation, select “I want to make the changes myself” and follow the instructions.

    Thread Starter gabier2

    (@gabier2)

    Hello nintechnet,
    Thank you for your patience.
    I could not reproduce the error in the console, but never mind, I can deactivate WP All Import or even uninstall it because I do not need it often.
    When it was deactivated, I tried to go through the Ninja tuning. I clicked on “Activate Full WAF” and I had the option page again.
    As you suggested I chose “Je veux faire les changements moi-même” (“I want to do all changes myself”) and I had to insert a .user.ini file in the www folder of the site.
    But when clicking on “Finish” I had an error:
    “Erreur : Le serveur HTTP a retourné le code d\’erreur suivant : “500 Internal Server Error”.
    Approximate translation : “Error: the HTTP server has returned the following error code :’500 internal Server Error'”
    I found somewhere that such an error can be caused by a bad option in the .access file. That is why I post my .access file below.

    # BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ - [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    </IfModule>
    
    # END WordPress
    
    Options -indexes
    ServerSignature Off
    
    SetEnv PHP_VER 5_5
    
    <Files ~ "^.*\.([Hh][Tt][Aa])">
    order allow,deny
    deny from all
    satisfy all
    </Files>
     
    <files wp-config.php>
    order allow,deny
    deny from all
    </files>
    
    # Wordfence WAF
    <Files ".user.ini">
    <IfModule mod_authz_core.c>
    	Require all denied
    </IfModule>
    <IfModule !mod_authz_core.c>
    	Order deny,allow
    	Deny from all
    </IfModule>
    </Files>
    
    # END Wordfence WAF
    
    Plugin Author nintechnet

    (@nintechnet)

    I don’t see anything wrong with your .htaccess.
    Did you check the server error log (HTTP and PHP logs)? It should be written why your site crashed.

    Thread Starter gabier2

    (@gabier2)

    Hello nintechnet,
    Indeed the site had crashed! You noticed it before me!! My first task was to restore it. Fortunately it does not change very often, so I can use the automatic backups of my ISP.
    I am now trying to find the error logs. I haven’t succeeded yet.

  • The topic ‘Full WAF: what is to be checked ?’ is closed to new replies.