Title: Plugin IP Blocks Last modified: August 21, 2016 --- # Plugin IP Blocks * Resolved [mlhwebsites](https://wordpress.org/support/users/mlhwebsites/) * (@mlhwebsites) * [12 years, 1 month ago](https://wordpress.org/support/topic/plugin-ip-blocks/) * I am not sure whether or not this is an issue with your plugin or not. I have the free version and am considering changing to the pro version but want to resolve all issues first. I received this from my hosting provider: * [Tue Apr 22 12:11:10 2014] [8022201] [access_compat:error] [client 220.181.108.121: 11275] AH01797: client denied by server configuration: /var/chroot/home/content/ 01/8022201/html/adalawsuitdefenselawyer/xmlrpc.php * That tells us you have an htaccess file that is denying access I checked the htaccess and there’s a lot of reference to ip blocks by plugin * [https://wordpress.org/plugins/bulletproof-security/](https://wordpress.org/plugins/bulletproof-security/) Viewing 15 replies - 1 through 15 (of 15 total) * Plugin Author [AITpro](https://wordpress.org/support/users/aitpro/) * (@aitpro) * [12 years, 1 month ago](https://wordpress.org/support/topic/plugin-ip-blocks/#post-4862324) * Your xmlrpc.php file is being protected/blocked from public access. Is this what you want? Did you use the BPS XML-RPC DDoS Protection Bonus Code? Are you using something else that is protecting the xmlrpc.php file? [http://forum.ait-pro.com/forums/topic/wordpress-xml-rpc-ddos-protection-protect-xmlrpc-php-block-xmlrpc-php-forbid-xmlrpc-php/](http://forum.ait-pro.com/forums/topic/wordpress-xml-rpc-ddos-protection-protect-xmlrpc-php-block-xmlrpc-php-forbid-xmlrpc-php/) * Thread Starter [mlhwebsites](https://wordpress.org/support/users/mlhwebsites/) * (@mlhwebsites) * [12 years, 1 month ago](https://wordpress.org/support/topic/plugin-ip-blocks/#post-4862338) * Thanks for the supper quick response!!! Yes I use the BPS XML-RPC DDoS Protection Bonus Code on every site but this is the only one getting this error. As far as I can tell your .htaccess file is the only thing protecting this. I don’t want to open this up for hackers I just don’t know how serious this error is or whether I can fix it but keep the protection. * Thanks again for your speedy answer. * Plugin Author [AITpro](https://wordpress.org/support/users/aitpro/) * (@aitpro) * [12 years, 1 month ago](https://wordpress.org/support/topic/plugin-ip-blocks/#post-4862354) * The “error” is a mod_security log entry. Do you have mod_security installed on your other sites? * The “error” is not actually an error message. We have this same perception problem going on with the BPS Security Log and are trying to correct that perception. Log entries are logged events. Using the word “error” causes folks to think that they need to fix something. * a “client” is a website visitor to your website. “denied by server configuration” means the .htaccess file (distributed server configuration file) is blocking access to the xmlrpc.php file to website visitors. If you are not using the xmlrpc. php file and service to do remote posting and you do not have any plugins or themes installed that use the xmlrpc.php file then this is a typcial hacker or spammer probe checking to see if your xmlrpc.php file is accessible and exploitable. * So to put it plainly the mod_security log entry is saying that the xmlrpc.php file is protected/not accessible to the public. So if this is what you want then it is not a problem and everything is ok and what you want. * Thread Starter [mlhwebsites](https://wordpress.org/support/users/mlhwebsites/) * (@mlhwebsites) * [12 years, 1 month ago](https://wordpress.org/support/topic/plugin-ip-blocks/#post-4862358) * I have not installed mod_security anywhere. I don’t know how to determine whether or not I am using the xmprpc file but it sounds like it’s not really a problem. This site is actually a different theme than the other 3 sites which may be why it’s the only one getting this log entry. I may check with their support. * Thank you SO much for your timely and detailed response!!! * Mike * Plugin Author [AITpro](https://wordpress.org/support/users/aitpro/) * (@aitpro) * [12 years, 1 month ago](https://wordpress.org/support/topic/plugin-ip-blocks/#post-4862366) * mod_security is something that your Host would have installed on your/their Server itself. Some hosts have mod_security installed and others do not. * If you are using the xmlrpc.php file and are using BPS xml-rpc bonus code then make sure you are whitelisting whatever you need to have whitelisted (ip address, hostname) for your personal uses/usage. * Another way to look at this is – if everything related to xmlrpc is working for you then there is nothing to worry about or fix. If the BPS xmlrpc code is blocking something that you are using then add whitelisting rules to allow/not block whatever that is. * Plugin Author [AITpro](https://wordpress.org/support/users/aitpro/) * (@aitpro) * [12 years, 1 month ago](https://wordpress.org/support/topic/plugin-ip-blocks/#post-4862370) * If something legit is being blocked you can check your BPS Security log to see what is being blocked to get the IP address, hostname, etc that needs to be whitelisted. If the Security log entry does not make any sense to you then post it here and we will post the whitelist rule that you need. * Thread Starter [mlhwebsites](https://wordpress.org/support/users/mlhwebsites/) * (@mlhwebsites) * [12 years, 1 month ago](https://wordpress.org/support/topic/plugin-ip-blocks/#post-4862385) * Here are 2 entries from your security log. The first is using xmlrpc . I guess I will have to research each one to know if it’s someone I want in. The second is a monitor from my Sucuri security company which I want to allow to connect. If you can show me how and where to whitelist that might solve the problem. * [403 GET / HEAD Request: April 25, 2014 – 6:12 pm] Event Code: BFHS – Blocked/ Forbidden Hacker or Spammer Solution: N/A – Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 198.50.139.51 Host Name: 198.50.139.51 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: [http://www.notanaccident.com/](http://www.notanaccident.com/) REQUEST_URI: /xmlrpc.php QUERY_STRING: HTTP_USER_AGENT: PHP/5.2.10 * [403 GET / HEAD Request: April 25, 2014 – 6:31 pm] Event Code: BFHS – Blocked/ Forbidden Hacker or Spammer Solution: N/A – Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 192.81.128.31 Host Name: monitor12.sucuri.net SERVER_PROTOCOL: HTTP/ 1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: //readme.html QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2) Gecko/20100115 Firefox/ 3.6 * Thank you again – you are extremely helpful! * Mike * Plugin Author [AITpro](https://wordpress.org/support/users/aitpro/) * (@aitpro) * [12 years, 1 month ago](https://wordpress.org/support/topic/plugin-ip-blocks/#post-4862388) * Is the notanaccident.com site the same site where you are seeing this Security Log entry? * You can disregard the sucuri log entry about the readme.html file. BPS has a rule to block the readme.html file from being publicly viewable which is recommended. That will not negatively impact or interfere with your Sucuri monitoring service. Nor will anything else in BPS interfere with Sucuri. * Plugin Author [AITpro](https://wordpress.org/support/users/aitpro/) * (@aitpro) * [12 years, 1 month ago](https://wordpress.org/support/topic/plugin-ip-blocks/#post-4862390) * Looked at the footer link so yeah this is probably the same site. Designed by Mlhwebsites. You can probably ignore this since what I assume happened is some sort of scraping, mirroring or some other shady activity triggered the log entry. * If everything is working regarding xmlrpc then you would not need to do anything else. If something is not working then check the Security Log to see what is being blocked. * Thread Starter [mlhwebsites](https://wordpress.org/support/users/mlhwebsites/) * (@mlhwebsites) * [12 years, 1 month ago](https://wordpress.org/support/topic/plugin-ip-blocks/#post-4862392) * The only xmlrpc entry that may be an issue is from [http://www.google.com](http://www.google.com) if this affects seo. As far as the Sucuri blocks the only other entries have REQUEST_URI: / – on ALL sites but if you don’t interfere with anything else that shouldn’t be a problem. I’ll continue to keep an eye on both in case there is a problem. * Thanks again for ALL your help!! * Mike * Thread Starter [mlhwebsites](https://wordpress.org/support/users/mlhwebsites/) * (@mlhwebsites) * [12 years, 1 month ago](https://wordpress.org/support/topic/plugin-ip-blocks/#post-4862393) * BTY I learn more with interactions with you guys than years of website building experience. * Plugin Author [AITpro](https://wordpress.org/support/users/aitpro/) * (@aitpro) * [12 years, 1 month ago](https://wordpress.org/support/topic/plugin-ip-blocks/#post-4862400) * Ok next lesson class. LOL too funny, but thanks for the compliment. Most people say I blab too much, but I am an information junky so there is no such thing to me as “too much information”, unless you are talking about a bad experience in a restroom ha ha ha ha. * [http://codex.wordpress.org/XML-RPC_Support](http://codex.wordpress.org/XML-RPC_Support) * [http://xmlrpc.scripting.com/default.html](http://xmlrpc.scripting.com/default.html) * > What is XML-RPC? > It’s a spec and a set of implementations that allow software > running on disparate operating systems, running in different environments to > make procedure calls over the Internet. > It’s remote procedure calling using HTTP as the transport and XML as the encoding. > XML-RPC is designed to be as simple as possible, while allowing complex data > structures to be transmitted, processed and returned. * translation: xmlrpc allows you to remotely post to your blog/website without being logged into your site from your computer with an application that can connect to xmlrpc. * xmlrpc would not affect or impact SEO or anything relating to ranking SERP’s or Google. * Thread Starter [mlhwebsites](https://wordpress.org/support/users/mlhwebsites/) * (@mlhwebsites) * [12 years, 1 month ago](https://wordpress.org/support/topic/plugin-ip-blocks/#post-4862404) * That only leaves me with one more question since your are so generous with your time! Can you give me an example of how to whitelist a host and an ip? That should conclude class for today – lol!!! * Thanks * Again * Mike * Thread Starter [mlhwebsites](https://wordpress.org/support/users/mlhwebsites/) * (@mlhwebsites) * [12 years, 1 month ago](https://wordpress.org/support/topic/plugin-ip-blocks/#post-4862406) * I figured out how to whitelist an IP but am not sure how to do so to a host. However you have done enough!!! * Thanks for all * Mike * Plugin Author [AITpro](https://wordpress.org/support/users/aitpro/) * (@aitpro) * [12 years, 1 month ago](https://wordpress.org/support/topic/plugin-ip-blocks/#post-4862407) * whitelist an IP: Allow from 123.456.789 whitelist a hostname: Allow from example. com Viewing 15 replies - 1 through 15 (of 15 total) The topic ‘Plugin IP Blocks’ is closed to new replies. * ![](https://ps.w.org/bulletproof-security/assets/icon-128x128.png?rev=1731938) * [BulletProof Security](https://wordpress.org/plugins/bulletproof-security/) * [Support Threads](https://wordpress.org/support/plugin/bulletproof-security/) * [Active Topics](https://wordpress.org/support/plugin/bulletproof-security/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/bulletproof-security/unresolved/) * [Reviews](https://wordpress.org/support/plugin/bulletproof-security/reviews/) * 15 replies * 2 participants * Last reply from: [AITpro](https://wordpress.org/support/users/aitpro/) * Last activity: [12 years, 1 month ago](https://wordpress.org/support/topic/plugin-ip-blocks/#post-4862407) * Status: resolved