Firewall Options Being Ignored

  • Resolved softweir

    (@softweir)


    6 years, 7 months ago

    I keep getting entries like this:

    China/Russia attempted a failed login using an invalid username “admin”. https://…/xmlrpc.php

    Despite this being my list of “Immediately block the IP of users who try to sign in as these usernames”:
    admin,Admin,aDmin,adMin,admIn,admiN,ADmin,AdMin,AdmIn,AdmiN,ADMin,ADmIn,ADmiN,ADMIn,ADMiN,ADMIN

    I also have this set to ON – “Enable brute force protection”:
    ON

    Worse, I notice that this option is being ignored – “How long is an IP address blocked when it breaks a rule “:
    12 hours

    Because all the IP blocks I notice are 10 minutes.

    • This topic was modified 6 years, 7 months ago by softweir.
Viewing 12 replies - 1 through 12 (of 12 total)
  • wfdave

    (@wfdave)

    6 years, 7 months ago

    Hi @softweir,

    It does seem like Wordfence is using the default settings instead of the ones that you have set in place.

    Can you send a diagnostics report by going to Wordfence -> Tools -> Diagnostics -> Send Report by Email?

    Use your forum username as the Ticket number, and [email protected] as the email.

    Also, do you have multiple Wordfence installations on your site?

    Dave

    Thread Starter softweir

    (@softweir)

    6 years, 7 months ago

    Thank you for looking into this. I’ve gone ahead and submitted diagnostics.

    Thread Starter softweir

    (@softweir)

    6 years, 6 months ago

    Since then, I upgraded WordPress and plugins, cleared cache – still, the list of logins is being ignored. I feel like maybe it just doesn’t pick up on the xmlrpc ones and only factors the normal login page.

    I realized I missed your question – no, I do not have multiple instances of WordPress or Wordfence, and it isn’t a multi-site either.

    Thread Starter softweir

    (@softweir)

    6 years, 6 months ago

    Went ahead and disabled caching plugin, etc… Nothing is fixing this issue.

    It’s insane that my website is blocking the same IPs over and over again, doing incredibly malicious things, and only banning them for a few minutes. I’m pretty disappointed as I keep seeing other users having issues where options are being ignored. It is weird, because all options load fine in the options.

    Are there things I can look into? A part of the source code? Any advice at all?

    There aren’t great alternatives, so I’m pretty discouraged here.

    Moderator James Huff

    (@macmanx)

    6 years, 6 months ago

    Hi there @softweir I see you reported this thread to the moderators. Please note that we are just the folks who enforce the rules around all of ww.wp.xz.cn.

    Reporting to moderators doesn’t get any faster support, instead it just kind of attracts attention from folks whose radar you probably don’t want to be on. 😉

    If you really do need a moderator, please add a reply letting us know why before you hit the report button.

    Otherwise, please hang in there for the plugin’s support to reply when they can.

    Thread Starter softweir

    (@softweir)

    6 years, 6 months ago

    I had clicked it accidentally trying to find a way to delete this thread.

    It would be great if this thread could be deleted.

    Moderator James Huff

    (@macmanx)

    6 years, 6 months ago

    Please see https://ww.wp.xz.cn/support/forum-user-guide/faq/#my-problem-is-solved-will-you-delete-my-post for our policy on that.

    Thread Starter softweir

    (@softweir)

    6 years, 6 months ago

    It isn’t solved, and don’t we have rights to our data on this website?

    Moderator James Huff

    (@macmanx)

    6 years, 6 months ago

    We don’t delete posts except under extreme situations. By that we mean there’s a legal problem with keeping a link, or personal identifying information, included in the post.

    Moderator James Huff

    (@macmanx)

    6 years, 6 months ago

    Additionally, please stop abusing the “Report this Topic” system: https://ww.wp.xz.cn/support/guidelines/#the-bad-stuff

    A moderator is already involved in your topic and receiving your replies, there is no reason to constantly send an alert to the rest of the moderators.

    Further abuse may result in your account being banned.

    Thread Starter softweir

    (@softweir)

    6 years, 6 months ago

    One would say there’s identifying information in this thread that reflects a security/legal issue. I hope you understand where I’m coming from in my insistence and appreciate the limited helpfulness this thread has to anyone else. I am asking once again, would you please consider this an extreme situation and please support me in removing this thread? I have not asked to remove any other post or thread. Thank you, and with sincerity.

    EDIT: The emails I received indicated I should re-report the issue when I make a response. I had no intention to aggravate you.

    • This reply was modified 6 years, 6 months ago by softweir.
    Moderator James Huff

    (@macmanx)

    6 years, 6 months ago

    There is absolutely no identifying information in this thread.

Viewing 12 replies - 1 through 12 (of 12 total)

The topic ‘Firewall Options Being Ignored’ is closed to new replies.