Its most important feature is its ability to normalize and transform data from incoming HTTP requests which allows it to detect Web Application Firewall evasion techniques and obfuscation tactics used by hackers, as well as to support and decode a large set of encodings. NinjaFirewall includes the most powerful filtering engine available in a WordPress plugin.
Even encoded PHP scripts, hackers shell scripts and backdoors will be filtered by NinjaFirewall. All scripts located inside the blog installation directories and sub-directories will be protected, including those that aren’t part of the WordPress package. NinjaFirewall can hook, scan, sanitise or reject any HTTP/HTTPS request sent to a PHP script before it reaches WordPress or any of its plugins. It is not compatible with Microsoft Windows. NinjaFirewall requires at least PHP 7.1, MySQLi extension and is only compatible with Unix-like OS (Linux, BSD). It allows any blog administrator to benefit from very advanced and powerful security features that usually aren’t available at the WordPress level, but only in security applications such as the Apache ModSecurity module or the PHP Suhosin extension. Although it can be installed and configured just like a plugin, it is a stand-alone firewall that stands in front of WordPress. NinjaFirewall (WP Edition) is a true Web Application Firewall. Description A true Web Application Firewall
