Feature request for “Protect admin-ajax.php against suspicious bots”

  • Resolved knubew

    (@knubew)


    4 years, 10 months ago

    Hello,

    it would be helpful, if there would be the possibility for the admin to add additional (custom) IP addresses (additional to the automatic local IP addresses) for the firewall policy: “Protect admin-ajax.php against suspicious bots”.

    I use the “Migrate DB Pro” (Delicious Brains) plugin to PULL data from a staging site version into the live site version. When I activate the policy “Protect admin-ajax.php against suspicious bots” in the staging site version, the PULL-Request of the live site version is blocked.

    Thanks.

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author nintechnet

    (@nintechnet)

    In the free WP Edition, you need to use the .htninja script to whitelist someone.
    For instance, if you want to allow IP 1.2.3.4 to access the “wp-admin/admin-ajax.php” script:

    <?php
/*
 +===========================================================================================+
 | NinjaFirewall optional configuration file                                                 |
 |                                                                                           |
 | See: https://blog.nintechnet.com/ninjafirewall-wp-edition-the-htninja-configuration-file/ |
 +===========================================================================================+
*/
if ( strpos( $_SERVER['SCRIPT_FILENAME'], '/wp-admin/admin-ajax.php' ) !== FALSE &&
   $_SERVER['REMOTE_ADDR'] == '1.2.3.4' ) {

   return 'ALLOW'; // Allow it
}
    Thread Starter knubew

    (@knubew)

    Thank you very much for your help and support.
    Great – it works perfectly.

    Thx an stay healthy.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Feature request for “Protect admin-ajax.php against suspicious bots”’ is closed to new replies.