Firewall is blocking whitelisted IP’s

  • poppydev

    (@poppydev)


    1 year, 4 months ago

    Hi team,

    Not sure what is going on here but cannot get a plugin from another website to be able to login using xml-rpc.

    It had taken me ages to figure out what security plugin was causing it when all my security plugins (CDN firewalls) allow xml-rpc from a whitelisted I.P.

    Security plugin setup is:

    AIOS (This works fine and IP is whitelisted on this plugin)
    SolidSecurity (This doesn’t work even though the IP is whitelisted)
    CDN Cloudflare (IP is whitelisted to allow use of xml-rpc and works fine)

    I have checked everything and not sure what is causing this:

    I have Whitelisted the I.P in
    Global Settings: Authorized IPs: IP Address
    Firewall Rules: Filed: IP Address: Operator: equals: Value: (Same IP used in Global Settings).

    Even with disabling all firewall settings like Ban count, Lockout count etc, nothing happens.

    What I have noticed in the Firewall log, the IP is seen as being ‘LOCKED’ but when checking IP Management tab under ‘Firewalls ‘Active Lockout’ nothing is blocked in the Logs. It’s ‘All Clear!’. Even the Authorised IPs has the IP in there as well under the firewall section.

    I know its the plugin as when I disable it and clear my CDN/plugin caches try and login in again from the plugin (that is on another website) it works.

    So why does this happen and how can I fix it?

    Regards

Viewing 6 replies - 1 through 6 (of 6 total)
  • Thread Starter poppydev

    (@poppydev)

    1 year, 4 months ago

    What is the waiting time for help on here?

    Plugin Support Brent Wilson

    (@bwbama)

    1 year, 4 months ago

    Hello,

    Glad you reached out here and apologies for the slow turnaround.

    The first thing that jumps out to me is that you are using two Security plugins, which is never recommended. Both plugins seem to attach themselves to the same parts of WordPress, which can easily cause conflicts. If AIOS is disabled and Solid Security is left enabled, does the issue persist?

    Another area to look at is your .htaccess file or nginx.conf file. Is the IP address that you whitelisted listed within these files, depending on your web server choice?

    I’d love to hear more about why you are using AIOS along side Solid Security, as maybe we can help get you squared away to only using Solid Security with a future update!

    Sincerely,

    Brent Wilson
    WordPress Support Technician

    Thread Starter poppydev

    (@poppydev)

    1 year, 4 months ago

    Hi Brent,

    Thank you for getting back to me, and sorry for the late reply.

    I use both security plugins and have done for over 5 years now without any issues or conflicts if setup correctly. Both AIOS and Solid Security have different methods of security and some setting are missing from each one but when setup correctly they both work well together. More so with me being on the ‘Free’ tier for both.

    I know this isn’t the issue as the plugin I am using (PS Posters) on another site works when I disable Solid Security plugin on the site in question.

    I have whitelisted the IP that is being blocked on both plugins to be sure, but Solid Security seems to still be blocking this even though it shouldn’t be.

    The plugin I am using relies on WP XML-RPC to allow it to access the login path of another site. The sole purpose of the plugin is to allow it to send content to social networking platforms and WordPress sites.

    I will share a screenshot of the issues I am facing below:

    PS Poster on social.poppysigns.co.uk connection error: https://prnt.sc/ZouUbAQ24NiN

    Solid Security firewall issue: https://prnt.sc/cc80M2Prpmn-

    Solid Security firewall rule (whitelisted IP that is effected): https://prnt.sc/2vc6OI2S_Fr0

    Solid Security no firewall blocks logs: https://prnt.sc/HKOzlReNXlrb

    Solid Security firewall whitelist rule: https://prnt.sc/-85NfaMoBSLX

    Any help or advice to why this is happening is welcomed. I don’t really want to remove the Solid plugin if I can help it as its used on all our sites and the PS Posters plugin will be used for most or all of them.

    All I need to do is remove the IP block somehow as the plugin doesn’t see it and it should start working again now that I have added a rule in the Firewall foe Solid Security.

    Plugin Support chandelierrr

    (@shanedelierrr)

    1 year, 4 months ago

    Hi @poppydev, apologies for the slow turnaround here! We’ve been kind of busy bees in SolidWP the past week.

    First, I’d like to clarify that the “Active Lockouts” section only show temporary active lockouts that have happened within 15minutes. So if you’re viewing that section and the active lockout time has passed, it won’t show up there anymore. Still, it’s viewable via the Security Logs.

    As for the conflict with FS Poster plugin, it looks like the issue isn’t due to its IP address not being whitelisted within Solid Security, but instead, due to its feature of needing to execute a PHP script within the WP Plugins folder.

    If you have the Disable PHP in Plugins setting enabled in Security > Settings > Features > Advanced > System Tweaks – PHP Execution the conflict occurs. To resolve it, you need to deactivate this setting within Solid Security. See the similar thread here: https://ww.wp.xz.cn/support/topic/i-can-no-longer-use-the-fs-poster-plugin/

    Let us know if this works!

    Thread Starter poppydev

    (@poppydev)

    1 year, 3 months ago

    Hi chandelierrr,

    Sorry my reply was late. Forgot about this until now. I have checked the domain that is effected, and the settings you suggested to change are already like this:

    https://tinyurl.com/294opjqh

    The only way to get this to work is by disabling your plugin. It is definitely something to do with the firewall settings. Even though it might disappear after so many minutes there is no way of me being able to “Allow” it. Even if I have it whitelisted the block manually, for some reason it is being overridden somehow.

    Is there anything in the .htaccress that might be the issue?
    Is there a rule I can add in wp-config to disable the firewall feature?

    I have tried everything, disabling all setting. Is there a way to remove everything from the plugin and start a fresh?

    Any help or advice is welcomed.

    Regards

    Thread Starter poppydev

    (@poppydev)

    1 year, 3 months ago

    Absolutely shocked in the lack of reply. Busy or not your support is non existent.

    I have resolved it myself. Not wating over a week for help.

Viewing 6 replies - 1 through 6 (of 6 total)

The topic ‘Firewall is blocking whitelisted IP’s’ is closed to new replies.

Tags