Table of contents


An introduction to NinjaFirewall filtering engine.Featured post

Starting from version 3.0, NinjaFirewall, our Web Application Firewall for PHP (Pro and Pro+ Edition) and WordPress (WP and WP+ Edition), includes a... »

NinTechNet changelog.

This is the global changelog for all our products and services. For more details, please refer to corresponding release notes (e.g., readme.txt... »


NinjaScanner: A powerful antivirus scanner for WordPress.

NinjaScanner is a lightweight, fast and powerful antivirus scanner for WordPress which includes many features to help you scan your blog... »

Syslog logging with NinjaFirewall.

NinjaFirewall WP+ (3.5.4), Pro and Pro+ (3.2.12) introduce a long awaited feature, Syslog logging: Syslog is a way for network... »

NinjaFirewall PHP sessions debugging.

NinjaFirewall (WP and WP+ Edition) v3.4.3 introduces two new constants to help you debug potential PHP session issues such as whitelisted users... »

Impedance mismatch: a hacker's best friend.

A security application, such as a Web Application Firewall or an Anti-Virus, can be vulnerable to impedance mismatch attacks if it interprets traffic and... »

NinjaFirewall Full WAF vs WordPress WAF modes.

Since version 3.4, NinjaFirewall (WP and WP+) can be installed in two different modes: Full WAF or WordPress WAF. Full WAF mode In... »

Hackers targeting web hosts customer accounts.

Companies such as web hosts, registrars and CDNs have become a prime target for hackers. Because they host your DNS, hackers can alter them... »

Arbitrary file upload vulnerability in WordPress Delete-All-Comments plugin.

While auditing a hacked WordPress website, we identified a critical vulnerability in the Delete All Comments WordPress plugin v2.0, which has over 30,... »

Latest Joomla! critical vulnerability being actively exploited in the wild.

Joomla! 3.6.4 was released on October 25. It fixed three critical vulnerabilities: CVE-2016-8869, CVE-2016-8870 and CVE-2016-9081. The third one was discovered two... »

Centralized logging with NinjaFirewall.

Users of the premium WP+ and Pro+ Edition of our web application firewall, NinjaFirewall, can remotely access the firewall log of all their NinjaFirewall... »

Blocking a WordPress XML-RPC attack with the Linux kernel firewall.

One of our customers faced a large attack against his WordPress blog xmlrpc.php script. When I connected to his server, the CPU load... »

Adding your own signatures to NinjaFirewall Anti-Malware.

Starting from version 3.2, NinjaFirewall (WP / WP+ Edition) includes a new feature: Anti-Malware. It allows you to scan your website for malware. It... »

All In One WP Security & Firewall multiple XSS vulnerabilities (<=4.0.7).

NinTechNet identified multiple XSS vulnerabilities in the All In One WP Security & Firewall v4.0.7 plugin. The affected parameter was 'tab' (all... »

How to upgrade NinjaFirewall WP/Pro to the WP+/Pro+ Edition.

This article covers the steps to follow if you want to upgrade from the free NinjaFirewall WP or Pro Edition to the WP+ or... »

Anatomy of the EICAR Antivirus Test File.

A customer using NinjaFirewall (WP+), our Web Application Firewall for WordPress, asked us to explain what was the meaning of this line, found in... »

Announcing NinjaFirewall Referral Program.

We are happy to launch today our NinjaFirewall Referral Program. You can earn up to 20% for every payment made by a user who... »

Malicious plugins hosted in the WordPress Plugin repository.

While cleaning-up an infected server today, I came across this plugin: Breadcrumb shortcode (slug: breadcrumbs-ez). It was downloaded from the WordPress official repository but... »

Fake WordPress plugin repository distributing malware.

We mentioned a few weeks ago fake WordPress websites used by hackers to distribute malware via malicious plugins installed on their victims blog. Hackers... »

Protecting NinjaFirewall's PHP INI file.

If your installation of NinjaFirewall requires a PHP INI file (php.ini, .user.ini, php5.ini) you may need to deny access to it,... »

Upgrading to PHP 7 with NinjaFirewall installed.

All editions of NinjaFirewall (WP, WP+, Pro and Pro+) are compatible with the latest PHP 7. However, because the firewall needs to be loaded... »

Restricting access to NinjaFirewall (WP Edition) settings.

Starting from version 1.8.1, it is possible to restrict access to NinjaFirewall (WP+/WP Edition) menu and settings. Note: Restrictions apply to... »

Fake wordpress-update.com site used to distribute malware via malicious plugins.

In recent days, we have worked on several infected WordPress websites that all had the particularity of having the same malicious plugin installed: Hackers... »

WordPress brute-force attack detection plugins comparison (2015 edition).Featured post

Following our 2013 benchmarks, we received quite a lot of requests to perform new ones and, this time, to include a category of plugins... »

Blocking WordPress XMLRPC brute-force amplification attacks with NinjaFirewall.

October 15, 2015 Update: Starting from version 1.7, NinjaFirewall WP/WP+ includes a protection against such attacks which can be enabled from the... »

Critical vulnerability in Swift Security Hide WordPress Firewall plugin leads to phishing attack.

This is a very interesting spear phishing attack case that we had to deal with this week. Spear phishing are attempts directed at a... »

How to block web vulnerability scanners with iptables.Featured post

We are often asked how to block the DFind vulnerability scanner (A.K.A. "w00tw00t.at.ISC.SANS.DFind") with NinjaFirewall, our Web Application... »

Migrating a website with NinjaFirewall installed.

In order to migrate your site with NinjaFirewall installed, it is important to follow those steps: WP/WP+ Edition 1 . Log in to your... »

Jetpack Protect: IP spoofing and improper data validation allow security feature bypass.Featured post

Since version 3.4, the popular Jetpack by WordPress.com plugin (15+ million downloads / 1+ million active installs) includes Jetpack Protect, a module "to... »

NinjaFirewall WP/WP+ introduces automatic updates for security rules.

Starting from WP v1.4 and WP+ v1.2, NinjaFirewall introduces a new feature: It offers the possibility to automatically update the firewall security... »

Testing NinjaFirewall without blocking your visitors.

NinjaFirewall is a powerful web application firewall. When implemented in a production environment, it does not take more than a few hours before its... »

Troubleshoot NinjaFirewall installation problems.Featured post

Failed installation This is the most common problem experienced by some users. At the end of the installation process, it displays the Error: the... »

Installing NinjaFirewall with HHVM (HipHop Virtual Machine).

We have been testing for a while our NinjaFirewall sofware running on HHVM (HipHop Virtual Machine), an interesting alternative to PHP. Compatibility test with... »

Securing a Joomla! installation with NinjaFirewall (Pro+).

NinjaFirewall (Pro+ edition) Access Control is a powerful set of directives that can be used to efficiently protect a website. In this article, we... »

Many popular WordPress security plugins vulnerable to IP spoofing.Featured post

A WordPress user who was facing a small brute-force attack asked us for help. He was using a popular security plugin but, this time,... »

WordPress brute-force attack protection in a production environment.

Following the benchmark tests that we published last year, this article will focus on NinjaFirewall in a production environment, facing two real brute-force attacks.... »

WordPress brute-force attack detection plugins comparison.Featured post

Update: We released a new set of benchmarks in October 2015. Two benchmark tests will be performed against the 5 most popular security plugins... »