If your installation of NinjaFirewall requires a PHP INI file (php.ini, .user.ini, php5.ini) you may need to deny access to it, depending on your webserver configuration.
Apache HTTP server
You can edit (or create) the .htaccess file located inside the same directory as your INI file:
<IfModule mod_rewrite.c> RewriteEngine On RewriteRule \.ini$ - [F,L] </IfModule>
Nginx HTTP server
Edit your vhost configuration file and add the following directive inside the server{...} section:
server {
...
location ~ \.ini$ {
return 444;
}
...
}
Note: “444” is a special nginx’s non-standard code that will shut down the connection without returning any HTTP response.
Reload your Nginx server:
# service nginx reload