Thread Starter
Anonymous User 14978628
(@anonymized-14978628)
But what about firewall plugins that will block bad requests or actions on a site. They work with caching plugins don’t they? Doesn’t BBQ also work with page caching?
Could you get around such issues by having Blackhole record the ip of anyone who visits the Blackhole url, and then directly adding into htaccess that ip in a blocklist?
That’s the preferred method of blocking ips as you’ve said previously and would sure make things a lot easier, as those who want optimal performance would be copying the blocked ips into a htaccess blocklist anyway.
I appreciate your ideas, definitely some things to consider. I will further my investigation and see if anything is possible for future plugin updates.
Also some other points:
Like other firewall plugins, BBQ Pro works with page caching because it’s simply blocking requests. Blackhole is different in that it checks the request, and serves alternate content based on the results.
In general it’s not wise to auto-write anything to .htaccess, just too risky and not recommended.
Thread Starter
Anonymous User 14978628
(@anonymized-14978628)
ok, then why not make Blackhole work like a single purpose firewall? Once an ip is logged by visiting a blackhole, just block further requests from that ip like BBQ does. Alternate content could still be served by forwarding requests from a blocked ip to a generic page.
Another option to open up the plugin for more users, would be simply to have a mode where BBQ logs ips that visit a Blackhole (i.e., in cases where a caching plugin prevents normal function). This way people would have the option of manually adding those ips to a blocklist in htaccess. In it’s current state, if Blackhole is incompatible with a given caching plugin, we have no way of determining who has visited a Blackhole. Though i don’t know if this would be possible if php is bypassed?
All good ideas. Will definitely consider and investigate further to see what’s possible. BTW, if you happen to know of a security plugin that serves alternate content when page caching is enabled, please let me know.
Thread Starter
Anonymous User 14978628
(@anonymized-14978628)
I’m not presently aware of any, if that’s at all possible.
Is it really necessary to serve the alternate content? Could you just block the ip without it?
Thread Starter
Anonymous User 14978628
(@anonymized-14978628)
Oh, actually, Shield Security (https://ww.wp.xz.cn/plugins/wp-simple-firewall/) has an option in the firewall to serve different messages if a request is blocked by the firewall (e.g., die, die with message, redirect to homepage, return 404) In firewall response settings. That works with a caching plugin.
Awesome, will check it out and see what I can do. Thanks again for the feedback.
Just to follow up with this.. thanks to a lot of great feedback and ideas on the topic of cache-plugin compatibility, I have been able to implement a solution for page-caching plugins like WP Fastest Cache.
I need to do some further testing of the new version before releasing it, so please let me know if you (or anyone else reading) would be able to help beta test. You can reach me via the contact form at Plugin Planet, and I’ll reply with the latest version of Blackhole for Bad Bots.
Thank you in advance!
