Title: WordPress Firewall SEO Egghead and WASSUP Plugin
Last modified: August 19, 2016

---

# WordPress Firewall SEO Egghead and WASSUP Plugin

 *  [popwireless](https://wordpress.org/support/users/popwireless/)
 * (@popwireless)
 * [16 years, 4 months ago](https://wordpress.org/support/topic/wordpress-firewall-seo-egghead-and-wassup-plugin/)
 * WordPress Firewall is blocking a number of IP’s where the offending parameter
   is similar to: wassup_screen_res = 1280×800
 * It looks like the page requested is a perfectly normal page and not an admin 
   page or a forbidden directory. Some of the IP’s will repeatedly show up after
   the first attempt as looking at the 404 page with the same offending parameter
   related to WASSUP.
 * None of these users are logged in or have access to the WASSUP screen. Are they
   actually sending the string to hack in via Wassup or is there some kind of random
   collision between the Firewall plugin and the Wassup plugin?
 * Anyone else seen this?
 * This occurs on all three blogs where I use Firewall and Wassup. Firewall DOES
   block block SQL injection attacks reliably so I have intention of turning it 
   off 😉
 * Example. IP address omitted:
 * [http://www.dougweb.com/doug/2009/03/salisbury-md-mayor-malicious-blogs-endangering-city/](http://www.dougweb.com/doug/2009/03/salisbury-md-mayor-malicious-blogs-endangering-city/)
   
   Warning: URL may contain dangerous content!
 * Offending Parameter: wassup_screen_res = 1280×800

Viewing 10 replies - 1 through 10 (of 10 total)

 *  Thread Starter [popwireless](https://wordpress.org/support/users/popwireless/)
 * (@popwireless)
 * [16 years, 4 months ago](https://wordpress.org/support/topic/wordpress-firewall-seo-egghead-and-wassup-plugin/#post-1322707)
 * When I turn WASSUP off these occurrences cease. There must be some type of interaction
   between wassup and a visitor? The odd thing is that that screen res parameter
   changes.
 * Is the firewall reacting to wassup collecting data in the background while a 
   user is online?
 * Anyone else notice this?
 *  Thread Starter [popwireless](https://wordpress.org/support/users/popwireless/)
 * (@popwireless)
 * [16 years, 4 months ago](https://wordpress.org/support/topic/wordpress-firewall-seo-egghead-and-wassup-plugin/#post-1322724)
 * I also have noted that I do not have to be in Wassup for the occasional user 
   to be blocked by the Firewall plugin. The Firewall thinks the user is sending
   the Wassup screen res = value. The appears to associated with the users screen
   res. I have inserted the various strings into the Firewall whitelist to see if
   that makes the problem go away.
 *  Thread Starter [popwireless](https://wordpress.org/support/users/popwireless/)
 * (@popwireless)
 * [16 years, 4 months ago](https://wordpress.org/support/topic/wordpress-firewall-seo-egghead-and-wassup-plugin/#post-1322725)
 * Adding the variable strings like wassup_screen_res = 1280×768 in the white list
   variable fields does not appear to have any positive effect. I still get the 
   sql injection emails.
 *  [eots](https://wordpress.org/support/users/eots/)
 * (@eots)
 * [16 years, 2 months ago](https://wordpress.org/support/topic/wordpress-firewall-seo-egghead-and-wassup-plugin/#post-1322748)
 * Hey popwireless – I had the same issue last night.
 * I installed the firewall plugin and the wassup plugin, both in an effort to better
   secure my site and to be able to see when someone is trying to hack it.
 * Things went crazy from there. when I tried to go to my site, I could not access
   it because the browser said it was trying to redirect and would wind up going
   nowhere. Firewall sent about a hundred “attack stopped” emails to me, each one
   saying that my own ip address was trying to make the request. It was always that
   screen res message.
 * So I couldn’t get to my site or my admin panel. I went in via my ftp access and
   deleted the wassup plugin, but that still didn’t stop it.
 * I had to use ftp to delete firewall, and everything went back to normal with 
   my site.
 * What a mess.
 *  [eots](https://wordpress.org/support/users/eots/)
 * (@eots)
 * [16 years, 2 months ago](https://wordpress.org/support/topic/wordpress-firewall-seo-egghead-and-wassup-plugin/#post-1322749)
 * So today I did some experimenting to see what’s going on with this. I reinstalled
   the firewall plugin but did not reinstall wassup.
 * As soon as I activated firewall, things went awry. The login screen froze. I 
   tried opening my blog in another window and it wouldn’t come up. Firewall sent
   a barrage of attack emails to me.
 * Then I went into my browser’s cookie file and found my site cookie, looked in
   there and found wassup’s screen res entry.
 * Deleted that from the cookie file, and now everything is back to normal with 
   firewall. It lets me work with the site and doesn’t trigger messages.
 * Problem is, though, that any of my visitors who would have stopped by while I
   had wassup running will have that entry in their cookie, and if I have firewall
   activated, it’ll probably go haywire next time they visit.
 * Looks like I’ll have to leave them both off.
 *  [helened](https://wordpress.org/support/users/helened/)
 * (@helened)
 * [16 years, 2 months ago](https://wordpress.org/support/topic/wordpress-firewall-seo-egghead-and-wassup-plugin/#post-1322751)
 * For Wassup to run with “WordPress Firewall”, “wassup_screen_res” has to be added
   to Firewall’s Whitelist as a “Form Variable”.
 * However, “WordPress Firewall” has 2 major problems that must be fixed ASAP before
   any Wassup user should use it:
    1. Firewall redirects incorrectly when WordPress core files are in a separate directory
       from the blog. This can send visitors to 404 page or server error page.
    2. The blogger’s own IP address is not excluded from being blocked. The current
       IP is NOT automatically added to Firewall’s IP Whitelist as a part of the activation
       process, so bloggers can find themselves blocked from their own blog once Firewall
       is active.
 * WordPress Firewall is a great idea, but it’s code is not quite ready for real
   world use. Until then, Wassup users can check out “Bad Behavior” plugin as an
   alternative.
 *  Thread Starter [popwireless](https://wordpress.org/support/users/popwireless/)
 * (@popwireless)
 * [16 years, 1 month ago](https://wordpress.org/support/topic/wordpress-firewall-seo-egghead-and-wassup-plugin/#post-1322755)
 * I turned off Bad Behavior because my blogs were a little sluggish using it and
   some legitimate spiders were getting clobbered. The Firewall plugin caught all
   of the sql injection attacks. There are still too many losers use on the Internet.
 * The “wassup Screen res” form variable option does not work.
 * I also noted that turning off Wassup was not always the answer. Guess I have 
   to reconsider my options.
 *  [blogadd1ct](https://wordpress.org/support/users/blogadd1ct/)
 * (@blogadd1ct)
 * [15 years, 9 months ago](https://wordpress.org/support/topic/wordpress-firewall-seo-egghead-and-wassup-plugin/#post-1322781)
 * i don’t know why im getting errors everytime i add a whitelist variable.
 *  [Scott Winterroth](https://wordpress.org/support/users/countrymusicchicago/)
 * (@countrymusicchicago)
 * [15 years, 8 months ago](https://wordpress.org/support/topic/wordpress-firewall-seo-egghead-and-wassup-plugin/#post-1322787)
 * I’m having the same problems. Funny thing is, I deactivated Wassup like over 
   a month ago prior to installing WP Firewall last night.
 *  [pavy](https://wordpress.org/support/users/pavy/)
 * (@pavy)
 * [15 years, 6 months ago](https://wordpress.org/support/topic/wordpress-firewall-seo-egghead-and-wassup-plugin/#post-1322811)
 * I’m modifying the WordPress Firewall plugin to fix some of the errors reported
   in these forums. I’ve added the the default IP feature, so that the IP the plugin
   is activated from is automatically added to the whitelisted IP’s. I have not 
   investigated the compatibility issues regarding Wassup.
 * I will make the modified plugin available in the WP plugin repository as soon
   as I can.

Viewing 10 replies - 1 through 10 (of 10 total)

The topic ‘WordPress Firewall SEO Egghead and WASSUP Plugin’ is closed to new replies.

 * 10 replies
 * 6 participants
 * Last reply from: [pavy](https://wordpress.org/support/users/pavy/)
 * Last activity: [15 years, 6 months ago](https://wordpress.org/support/topic/wordpress-firewall-seo-egghead-and-wassup-plugin/#post-1322811)
 * Status: not resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics