VPS- Cent Os Install Help..

Maybe you have a server restriction. Are you using any admin panel (cPanel etc) ?

I don’t think that my server is restricted. Its a brand new install of WP with only your plugin.

I am running CSF Firewall and Mod Security. Can’t find any Rules.

My VPS is running CentOS, WHM and Cpanels. I have root access.

Running FCGI, PHP Version 5.4.26
memory_limit= 256mb

What Server Modules, php settings, session settings are needed to enable Ninja Firewall?

Maybe a suPHP restriction ?

Whitelist Mod Security Rules that are being triggered by Ninja Firewall:

In Putty run:

grep YourDomain.com /usr/local/apache/logs/error_log | grep ModSecurity

*Change Domain and path to apache error logs per your environment.

Look for any triggered rules:

Here is a sample;
[Wed Apr 16 20:28:58 2014] [error] [client 23.243.248.121] ModSecurity: Access denied with code 403 (phase 2). Matched phrase “varchar” at ARGS:nfw_conf_arr[phpini_data].
[file “/var/cpanel/cwaf/rules/cwaf_01.conf”] [line “614”] [id “211040”] [msg “COMODO WAF: Blocking SQL injection”] [data “varchar”] [severity “CRITICAL”]
[hostname “www.YourDomain.com”] [uri “/wp-admin/admin.php”] [unique_id “U08gSsDSw-EAAHXmcN8AAAAM”]

Look for ARGS: nfw_conf_arr (nfw=ninja firewall).

After whitelisting 4 rules. I am getting a 500 Internal Server Error.

Surprisingly when I use a php.ini file and not a .user.ini, I get to the “Test Ninja Configuration” button and it loops back to the beginning.

Almost there.

So far, I would say that you must use .user.ini, not php.ini.
Did you try to completely disable modsecurity during the installation process? It may still have some rules blocking it (NinjaFirewall will copy its rules to the DB and modsecurity is messing with it).

No other Mod Security Rules triggered. WHM updated, tweaked some settings.

I recompiled Apache with Easy Apache. Still running FCgi.

In ninjafirewall.php I commented out lines 43, 44 and 46, even with lines working.

NinjaCheck is saying “Warning: session_start(): Cannot send session cache limiter – headers already sent (output started at /home/domain/public_html/ninjacheck.php:25) in /home/domain/public_html/wp-content/plugins/ninjafirewall/ninjafirewall.php on line 45

Don’t have any plugins besides Ninja.

Update 4/19

Decided to use the VPS Server php.ini

Deleted user.ini

Added
auto_prepend_file = /home/domain/public_html/wp-content/plugins/ninjafirewall/lib/firewall.php

to server php.ini

Changed lines in .htaccess to server php.ini
and
Chnaged line 744 & 755 in ninjapfirewall.php

Restarted Apache. No luck.

I think the plugin might need code to use the internal php.ini for certain hosting environments.

After whitelisting 4 rules. I am getting a 500 Internal Server Error.

Did you check you server log about why did you get this error?

.user.ini seems to be the right choice, because the ninjacheck.php script showed it was loaded:

Loaded INI file: /home/directory/public_html/.user.ini

Ideally, it would be better for me to use the server-internal php.ini to preprend Ninja Firewall as a security measure.

None of the logs have any entries.

For example.

I just added a .user.ini to the home/user/public_html
and NinjaCheck.php

Outputs a warning:
Warning: session_start(): Cannot send session cache limiter – headers already sent (output started at /home/domain/public_html/ninjacheck.php:25) in /home/domain/public_html/wp-content/plugins/ninjafirewall/ninjafirewall.php on line 45

Which is”if (! session_id() ) { session_start(); }”

My Headers are already sent out, in a clean install of WordPress and only Ninja Firewall.

So now since I am using Varnish Cache. I got to experiment with it.

Be right back………..

Maybe Varnish is the problem. Does it send any headers (e.g., cookies etc) ?

Varnish caches the dynamic websites in ram. Normally it strips out the cookies and sends out headers.

I have Varnish, NGinx and Apache in reverse proxy.

I will disable Varnish late at night when traffic is slow.

If that’s the problem, I have to figure out a workaround.

I’m smart but I am not sure if I’m that smart. ??

I was also thinking of whitelisting the the server Ip. Will solve anything?

Just thinking.

Is their a custom code for the plugin so it could run without being the first sent out headers?

You can try to whitelist the server IP, maybe that would help. But be careful that your visitors IP will remain filtered by the firewall.

Is their a custom code for the plugin so it could run without being the first sent out headers?

It does not send headers first, but it needs that no headers are being sent before it, otherwise it cannot start a PHP session.

Instead of messing with Varnish or whitelisting IP’s.

I’m going to mess with Nginx config instead.

Trying to get the .user.ini line to nginx. Maybe that will solve the header problem.

auto_prepend_file = /home/user/public_html/wp-content/plugins/ninjafirewall/lib/firewall.php

But can’t find any reference code.

Already tried multiple code =(

I will send you later a small script to attempt to debug the problem.