NinjaFirewall (WP Edition) is a free Web Application Firewall from NinTechNet. It works before WordPress is loaded and offers totally unique and very powerful security features not found in any other plugin.
It can hook, scan, sanitise and reject HTTP requests sent to any PHP script, including those that aren't part of the WordPress package. Even third-party applications, encoded scripts and hackers backdoors are filtered as well.
It can protect against remote and local file inclusion, cross-site scripting, code execution, SQL injections. It can manipulate and secure HTTP headers as well as cookies, detect and decode Base64-encoded injection attempts, block file uploads and many other threats.
By processing incoming HTTP requests before your blog and its plugins, NinjaFirewall is able to protect WordPress against very large brute-force attacks, including distributed attacks coming from several thousands of different IPs.
- Full standalone web application firewall. Works before WordPress is loaded.
- Large set of security rules and firewall policies.
- File integrity monitoring.
- Real-time detection.
- Fastest and most efficient brute-force attack protection for WordPress.
- Events notification.
- Live Log to watch your website traffic in real time.
- Activity log with statistics and benchmarks.
- Fully compatible with IPv6
- Multisite network compatible.
- Low footprint firewall.
- Contextual help.