NinTechNet

In this article we will see how to provide a very high level of protection to a WordPress blog with a web application firewall:... »

Starting from version 3.0, NinjaFirewall, our Web Application Firewall for PHP (Pro and Pro+ Edition) and WordPress (WP and WP+ Edition), includes a... »

NinjaScanner is a lightweight, fast and powerful antivirus scanner for WordPress which includes many features to help you scan your blog... »

This is the global changelog for all our products and services. For more details, please refer to corresponding release notes (e.g., readme.txt... »

WP-CLI is a command line interface for WordPress. It is a nice and very helpful feature if you want to manage a lot of... »

NinjaFirewall (WP, WP+, Pro and Pro+ Edition) is compliant with the General Data Protection Regulation (GDPR) which will take effect on 25 May 2018.... »

NinjaFirewall (Pro/Pro+ Edition) v3.3 has a brand new user interface. It is responsive, makes use of Bootstrap and jQuery, and looks pretty... »

NinjaScanner v1.2 introduces a new and unique feature, the quarantine sandbox... »

While cleaning up several hacked WordPress blogs, we identified a critical vulnerability in the LearnDash LMS plugin v2.5.3 that allows an unauthenticated... »

A phishing attack has been targeting Magento shop owners for the past 24 hours attempting to steal their login credentials. A so-called customers send... »

NinjaFirewall WP+ (3.5.4), Pro and Pro+ (3.2.12) introduce a long awaited feature, Syslog logging: Syslog is a way for network... »

NinjaFirewall (WP and WP+ Edition) v3.4.3 introduces two new constants to help you debug potential PHP session issues such as whitelisted users... »

A security application, such as a Web Application Firewall or an Anti-Virus, can be vulnerable to impedance mismatch attacks if it interprets traffic and... »

Since version 3.4, NinjaFirewall (WP and WP+) can be installed in two different modes: Full WAF or WordPress WAF. Full WAF mode In... »

Companies such as web hosts, registrars and CDNs have become a prime target for hackers. Because they host your DNS, hackers can alter them... »

While auditing a hacked WordPress website, we identified a critical vulnerability in the Delete All Comments WordPress plugin v2.0, which has over 30,... »

Joomla! 3.6.4 was released on October 25. It fixed three critical vulnerabilities: CVE-2016-8869, CVE-2016-8870 and CVE-2016-9081. The third one was discovered two... »

Users of the premium WP+ and Pro+ Edition of our web application firewall, NinjaFirewall, can remotely access the firewall log of all their NinjaFirewall... »

One of our customers faced a large attack against his WordPress blog xmlrpc.php script. When I connected to his server, the CPU load... »

Starting from version 3.2, NinjaFirewall (WP / WP+ Edition) includes a new feature: Anti-Malware. It allows you to scan your website for malware. It... »

NinTechNet identified multiple XSS vulnerabilities in the All In One WP Security & Firewall v4.0.7 plugin. The affected parameter was 'tab' (all... »

This article covers the steps to follow if you want to upgrade from the free NinjaFirewall WP or Pro Edition to the WP+ or... »

A customer using NinjaFirewall (WP+), our Web Application Firewall for WordPress, asked us to explain what was the meaning of this line, found in... »

We are happy to launch today our NinjaFirewall Referral Program. You can earn up to 20% for every payment made by a user who... »

While cleaning-up an infected server today, I came across this plugin: Breadcrumb shortcode (slug: breadcrumbs-ez). It was downloaded from the WordPress official repository but... »

We mentioned a few weeks ago fake WordPress websites used by hackers to distribute malware via malicious plugins installed on their victims blog. Hackers... »

If your installation of NinjaFirewall requires a PHP INI file (php.ini, .user.ini, php5.ini) you may need to deny access to it,... »

All editions of NinjaFirewall (WP, WP+, Pro and Pro+) are compatible with the latest PHP 7. However, because the firewall needs to be loaded... »

Starting from version 1.8.1, it is possible to restrict access to NinjaFirewall (WP+/WP Edition) menu and settings. Note: Restrictions apply to... »

In recent days, we have worked on several infected WordPress websites that all had the particularity of having the same malicious plugin installed: Hackers... »

Following our 2013 benchmarks, we received quite a lot of requests to perform new ones and, this time, to include a category of plugins... »

October 15, 2015 Update: Starting from version 1.7, NinjaFirewall WP/WP+ includes a protection against such attacks which can be enabled from the... »

This is a very interesting spear phishing attack case that we had to deal with this week. Spear phishing are attempts directed at a... »

We are often asked how to block the DFind vulnerability scanner (A.K.A. "w00tw00t.at.ISC.SANS.DFind") with NinjaFirewall, our Web Application... »

In order to migrate your site with NinjaFirewall installed, it is important to follow those steps: WP/WP+ Edition 1 . Log in to your... »

Since version 3.4, the popular Jetpack by WordPress.com plugin (15+ million downloads / 1+ million active installs) includes Jetpack Protect, a module "to... »

Starting from WP v1.4 and WP+ v1.2, NinjaFirewall introduces a new feature: It offers the possibility to automatically update the firewall security... »

NinjaFirewall is a powerful web application firewall. When implemented in a production environment, it does not take more than a few hours before its... »

Failed installation This is the most common problem experienced by some users. At the end of the installation process, it displays the Error: the... »

We have been testing for a while our NinjaFirewall sofware running on HHVM (HipHop Virtual Machine), an interesting alternative to PHP. Compatibility test with... »

NinjaFirewall (Pro+ edition) Access Control is a powerful set of directives that can be used to efficiently protect a website. In this article, we... »

A WordPress user who was facing a small brute-force attack asked us for help. He was using a popular security plugin but, this time,... »

Following the benchmark tests that we published last year, this article will focus on NinjaFirewall in a production environment, facing two real brute-force attacks.... »

Update: We released a new set of benchmarks in October 2015. Two benchmark tests will be performed against the 5 most popular security plugins... »