HEX
Server: Apache
System: Linux WWW 6.1.0-40-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.153-1 (2025-09-20) x86_64
User: web11 (1011)
PHP: 8.2.29
Disabled: NONE
$ pwd: /var/www/biblioteka/wp-content/plugins/ninjafirewall/
Upload Files
File: /var/www/biblioteka/wp-content/plugins/ninjafirewall/.htninja.sample
<?php
/*
 +============================================================================================+
 | NinjaFirewall optional configuration file                                                  |
 |                                                                                            |
 | See: https://blog.nintechnet.com/ninjafirewall-wp-edition-the-htninja-configuration-file/  |
 |                                                                                            |
 +============================================================================================+
*/

// To tell NinjaFirewall where you moved your WP config file,
// use the '$wp_config' variable :
// $wp_config = '/foo/bar/wp-config.php';



// Users of Cloudflare CDN:
// if (! empty($_SERVER["HTTP_CF_CONNECTING_IP"]) &&
//    filter_var($_SERVER["HTTP_CF_CONNECTING_IP"], FILTER_VALIDATE_IP) ) {
// 	$_SERVER["REMOTE_ADDR"] = $_SERVER["HTTP_CF_CONNECTING_IP"];
// }


// Users of Incapsula CDN:
// if (! empty($_SERVER["HTTP_INCAP_CLIENT_IP"]) &&
//    filter_var($_SERVER["HTTP_INCAP_CLIENT_IP"], FILTER_VALIDATE_IP) ) {
// 	$_SERVER["REMOTE_ADDR"] = $_SERVER["HTTP_INCAP_CLIENT_IP"];
// }


// Whitelist/blacklist whatever you want:
//
// Return codes:
// 	'ALLOW' == Allow and stop filtering (whitelist).
// 	'BLOCK' == Reject immediately (blacklist).
//
// Any other return code will be ignored
//
// Note that if you use 'ALLOW'/'BLOCK', nothing will be written
// to the firewall log.

// Whitelist single IP 1.2.3.4:
// if ( $_SERVER["REMOTE_ADDR"] == '1.2.3.4' ) {
// 	return 'ALLOW'; // whitelist
// }

// Whitelist IPs 1.1.1.1, 2.2.2.2 and 3.3.3.3:
// $ip_array = array( '1.1.1.1' , '2.2.2.2' , '3.3.3.3' );
// if ( in_array( $_SERVER["REMOTE_ADDR"], $ip_array ) ) {
// 	return 'ALLOW'; // whitelist
// }

// Whitelist all IPs from 1.1.1.1 to 1.1.1.255:
// if ( preg_match( '/^1\.1\.1\.\d+$/', $_SERVER["REMOTE_ADDR"] ) ) {
// 	return 'ALLOW'; // whitelist
// }

// Blacklist single IP 1.2.3.4:
// if ( $_SERVER["REMOTE_ADDR"] == '1.2.3.4' ) {
// 	return 'BLOCK'; // blacklist
// }

// Blacklist IPs 1.1.1.1, 2.2.2.2 and 3.3.3.3:
// $ip_array = array( '1.1.1.1' , '2.2.2.2' , '3.3.3.3' );
// if ( in_array( $_SERVER["REMOTE_ADDR"], $ip_array ) ) {
// 	return 'BLOCK'; // blacklist
// }

// Blacklist all IPs from 1.1.1.1 to 1.1.1.255:
// if ( preg_match( '/^1\.1\.1\.\d+$/', $_SERVER["REMOTE_ADDR"] ) ) {
// 	return 'BLOCK'; // blacklist
// }


// Do not filter any HTTP request sent to a script located inside the /myfolder/ directory:
// if (strpos($_SERVER['SCRIPT_FILENAME'], '/myfolder/') !== FALSE) {
// 	return 'ALLOW';
// }

// Advanced filtering :
// Block immediately a POST request if it contains a 'whatever' variable
// sent to a script named 'script.php' :
// if ( isset($_POST['whatever']) && strpos($_SERVER['SCRIPT_NAME'], 'script.php') !== FALSE ) {
// 	return 'BLOCK';
// }



// do not add anything below this line.
@ Telegram