For example, on a Contact Form 7 form with two fields, one for name and the second for email address, can Clean Talk block URLs from being submitted in the fields?
]]>But will good bots somehow discover it and get blocked?
]]>/?s=, /login.asp, /vip/, /login.html, /config/, /jxyj/, /system/, /auth/, /administrator/, /admin/, /webgame/, /account/, /wordpress/, /wp/, /member/
Example:
I want to block IP’s who tries to visit these locations immediately if they are in the URL.
https://yourwebsitename.com/?s=
https://yourwebsitename.com/login.asp
https://yourwebsitename.com/vip/login.htmlsometimes I even get these “book” url’s showing… how do you handle this?
https://yourwebsitename.com/?s=Nike+Air+Max+2020+Sale&content=r+also+presumes+that+never+everyone+are+appropriate+available+of+career+until+retirement.What+imagine+to+the+insurance+broker+is+that+it+will+probably+be+covering+any+group+for+any+shorter+period+than+it+could+when+simply+insuring+people.These+a+couple+of+assumptions+on+your+own+enable+the+insurance+vendor+to+provide+significantly+cheaper+rates.
I had to change:
If 404’s for known vulnerable URL’s exceed:
from Unlimited-Throttle
to 1 per minute-Block
Is the “Immediately block IP’s that access these URLs” linked for that option for “If 404’s for known vulnerable URL’s exceed:”?
How can I set “wildcards” for things like adding in keywords to block anything that has “handbags, watches, viagra”, etc.
https://www.ads-software.com/plugins/wordfence/
]]>https://www.ads-software.com/plugins/paid-memberships-pro/
]]>/revslider/,/downloads-manager/,/captcha/,/wp-symposium/,/test.html,/?author=2,
Yet visitors, as in the linked image below, to these URL’s above are not “Immediately Blocked”
It appears that both this option [above] and also the “Prevent discovery of usernames through ‘?/author=N’ scans” option are not working as intended?
Tx. for read and comment.
https://www.ads-software.com/plugins/wordfence/
]]>https://www.ads-software.com/plugins/redirection/
]]>The question: I receive messages with urls stuffed into the name text field, tel field etc.
I’ve tried modifying the field setup to do what I believe should restrict to ‘text only but am receiving’ validation error messages on send tests.
This is the general format I’ve been trying without success by inserting the text specific tag:
Original that receives url stuffed messages:
Name*:</br>[text* your-name 25/60]
Revised intending to restrict to text only:
Name*:</br>[text* text-732 your-name 25/60]
I’m not sure if I am close or way off the mark…?
Related to this for the text area – i use the [_url] as a footer in each message to track the page source. If i restrict the text area to prevent urls – will the footer code (then as a link on send), also cause a reject?
Thank you for any guidance able to be offered.
https://www.ads-software.com/plugins/contact-form-7/
]]>I have some patterns I’d like to automatically block, I inserted the full URL (https://www.xxx.ext/administrator/?option=com_login) but it doesn’t work at all.
Do I have to write only the last part ? such as “/administrator/?option=com_login”
It would be easier if there was a multiline form or if it’d be possibile to load an external text file with URLs to block.
I also keep seeing odd browser user-agent:
Netherlands tried to access non-existent page https://www.xxx.ext/administrator/?option=com_login
9 hours 47 mins ago IP: 146.0.73.135 [block]
Browser: Yahoo version 0.0
Mozilla/4.0
thank you !
https://www.ads-software.com/plugins/wordfence/
]]>