NinjaFirewall WP+ : the supercharged edition.
NinjaFirewall (WP+ Edition) is a supercharged edition of our Web Application Firewall. It adds many new exciting features and blazing fast performances to make it the fastest and most advanced security plugin for WordPress.
1. Shared Memory use
Although NinjaFirewall is already much faster than other WordPress plugins, the WP+ Edition brings its performance to a whole new level by using Unix shared memory in order to speed things up even more. This allows easier and faster inter-process communication between the firewall and the plugin part of NinjaFirewall and, because its data and configuration are stored in shared memory segments, the firewall does not need to connect to the database any more. This dramatically increases the processing speed (there is nothing faster than RAM), prevents blocking I/O and MySQL slow queries. On a very busy server like a multi-site network, the firewall processing speed will increase from 25% to 30%.
This option can be enabled from the "Firewall Options" menu:
This feature requires that PHP was compiled with the
If your server is not compatible (e.g., basic shared hosting account), you can still install and run NinjaFirewall as usual.
You can use it even if you have a site with a very small amount of memory available, because NinjaFirewall will require around 20KB of shared memory only.
2. Access Control
Access Control is a powerful set of directives that can be used to allow or restrict access to your blog, depending on the User Role, IP, Geolocation, Requested URL, User-agent and visitors behavior (Rate Limiting). Those directives will be processed before the Firewall Policies and NinjaFirewall's built-in security rules. You can enable/disable firewall logging (Log event checkbox) for each access control directive separately.
NinjaFirewall includes GeoLite data created by MaxMind, available from http://www.maxmind.com/
3. Web Filter
NinjaFirewall (WP+ Edition) can protect your blog comment and registration forms against spam. The protection is totally transparent to your visitors and does not require any interaction: no CAPTCHA, no math puzzles or trivia questions. Extremely easy to activate, but powerful enough to make spam bots life as miserable as possible:
NinjaFirewall antispam feature works only with WordPress built-in comment and registration forms. If you are using third-party plugins to generate your forms, they will not be protected against spam.
5. Improved features
NinjaFirewall (WP+ Edition) makes it possible to allow uploads while rejecting potentially dangerous files: system files (.htaccess, .htpasswd. php.ini), scripts (bash/shell, PHP, Ruby, Perl/CGI, Python), C/C++ source code and Unix/Linux binary files (ELF). You can easily limit the size of each uploaded file too, without having to modify your PHP configuration:
The "Firewall Log" menu has been revamped too. You can disable the firewall log, delete the current log, enable log rotation based on the size of the file and, if any, view each rotated log separately. Filtering options are quickly accessible from checkboxes:
Click here to compare the WP and WP+ editions.
Rev.: 1.01 2014-03-25 : added "Firewall Log" screenshot.