Skip to main content

Firewall plugins

Important information to consider if you plan on using a firewall plugin in addition to our security features.

Jan Hornung avatar
Written by Jan Hornung
Updated over 3 years ago

Plugin firewalls are software firewalls that can detect security vulnerabilities in plugins and themes and prevent malicious code from getting into your site.

⚠️ Configuring the plugins after installation is important so they don't conflict with our server-side security measures.

The necessary settings vary from plugin to plugin. Here we show you the settings you need to make for Ninja Firewall.

Select the mode

After installing and activating the plugin, Ninja Firewall displays its own installation process. At the start of the installation, you have to select the mode in which the plugin should be installed. Select the WordPress WAF mode.

Important: Full mode requires access to the WordPress core files and therefore doesn't work on our infrastructure. For security reasons, we do not allow plugins and themes access to the WordPress core.

💡 Info: Full mode requires access to the WordPress core in order to provide additional security. But we've already implemented the security system with our restricted core access. Full Mode is therefore no longer necessary with our hosting.

Set special entry in wp-config.php

After choosing the mode, Ninja Firewall will give you a predefined special entry for wp-config.php.

Important: You can ignore the snippet that Ninja Firewall shows. Use the code below and enter it as a special entry in your wp-config.php.

// BEGIN NinjaFirewall

if (! defined("WP_CLI") ) {

if ( file_exists( __DIR__ . "/wp-content/plugins/ninjafirewall/lib/firewall.php" ) && ! defined( "NFW_STATUS" ) ) {

@include_once( __DIR__ . "/wp-content/plugins/ninjafirewall/lib/firewall.php" );

define( "NFW_WPWAF", 1 );

}

}

// END NinjaFirewall

You can add special entries by editing the wp-config.php file directly in your Box settings. Simply copy the code into the text field and save your entry.

Why can't I use the Ninja Firewall code?

Since our system handles WP-CLI and XML-RPC, the code has to be adapted.

Please note: You can see that our system already covers many functions of the plugin. This means you can only really use the firewall functionality of Ninja Firewall. You should avoid changing the settings for some advanced features.

If you're fully aware of the consequences, you can, of course, still change the settings. Please note, however, that the following features are already offered at Raidboxes:

  • SSO: You can manage Single Sign On via the Raidboxes Dashboard.

  • SSL: SSL is also controlled via the Raidboxes Dashboard. You don't need to configure it via the Ninja Firewall settings.

  • XML-RPC: You can activate or deactivate the blocking of the XML-RPC interface directly via your Box settings.

Did this answer your question?