Block on URL access? + Other questions

  • Resolved wbenterprises

    (@wbenterprises)


    3 years, 3 months ago

    1. Can this plug-in block an IP address based on access to a specific URL?

    2. Is it possible for Reports to record 403 errors? If it’s supposed to do this already, it is not. I only see 404 errors in the log.

    3. Is it possible to configure reports to record access to specific URLs, folders, and/or file types (e.g. images)?

    4. Where are the instructions or documentation for this plugin? I can’t find anything which explains how things like “Website firewall on plugin level” or “Website firewall on .htaccess level” works.

    Thank you.

    • This topic was modified 3 years, 3 months ago by wbenterprises.
Viewing 4 replies - 1 through 4 (of 4 total)

  • Hi there,

    Thank you for reaching out to us.

    I would like to inform you that we currently do not provide Block access based on URLs.
    But, we can make some customizations in the plugin to support it.

    Also, all the 403 errors are nothing but blocked IPs. Hence, you can see all the 403 errors in the WAF -> IP Blacklist -> Manual IP Blocking.

    We can get on a call to check this requirement on your site.
    Also, you can refer to these documents for plugin level and .htaccess level WAF : [WAF]

    Can you please raise a query from a support form or reach out to us here to proceed further?

    Thank you,
    miniOrange team

    Thread Starter wbenterprises

    (@wbenterprises)

    Hello,

    Thank you for the reply.

    I think it would be beneficial to add the URL blocking feature. It’s a good security (honeypot) feature, and a competitor already offers this feature in their free version. I often see attempts to scan a site for specific vulnerable plugins or resources.

    Also, 403 errors are not strictly blocked IP addresses. They are also blocked resource accesses (like preventing direct linking to images or other site files). See here:

    https://en.wikipedia.org/wiki/HTTP_403

    And, the WAF/IP Blacklist page does not appear to log attempts, but that’s not too important if it’s only 403.6 IP addresses.

    The documentation provided above does not go into detail about WHAT a setting does. The brief descriptions in the plugin fall short.

    — Does enabling .htaccess only block IP addresses, or does it offer other features?

    — What is the difference of activating .htaccess on the WAF or the Advanced Blocking page?

    — What does SQL Injection Protection do that WordPress already does not do? Does it check all inputs from all forms from all plugins?

    — What does it mean when “Website firewall on plugin level” AND “Website firewall on .htaccess level” are both OFF?

    So many questions.

    Hi there,

    Thank you for your reply. Please find my answers below.

    Regarding the 403 error, you are correct that it is related to the forbidden access if anyone is not allowed to view that page or the site.

    — Does enabling .htaccess only block IP addresses, or does it offer other features?
    >>If you are using an apache server then .htaccess is a file available?in your WordPress directory. This file is helpful if you want to control access to the WordPress?instance. Both .htaccess and plugin level Firewall work the same but on different levels so both IP blocking as well as attack blockings work in both levels.

    — What is the difference between activating .htaccess on the WAF or the Advanced Blocking page?
    >>.htaccess is a firewall that provides you security if any sort of attack is happening on your website. Advance blocking is just a feature where you can define some settings like country blocking, browser blocking, etc. The firewall protects you from many popular website hacks. Country blocking and others just are setting to block access ( both legitimate and illegitimate traffic ) from a particular location, browser, etc.?

    — What does SQL Injection Protection do that WordPress already does not do? Does it check all inputs from all forms from all plugins?
    >>SQL injection is basically a sort of attack which takes place on your DB from the website. By default, WordPress does not provide end-to-end security as there are many plugins and any vulnerability?in any plugin can cause this issue. Our plugin keeps an eye on every request coming to your website and scans the requests. If there are any chances the request is not legit or has some sort of attacks included then it blocks it right away.

    — What does it mean when “Website firewall on plugin level” AND “Website firewall on .htaccess level” are both OFF?
    >>If both the settings are off it means you have not enabled any firewall on your site and it might be having vulnerabilities for attacks.?

    I am adding some more details regarding the .htaccess and plugin level firewall so that you can get more ideas. If somebody is visiting your website the first thing server will check?is the .htaccess rules defined by our plugin. If the user is permitted then your website will load so that the .htaccess firewall blocks illegitimate requests before loading the website. In the plugin level firewall, the website will be loaded first and then the plugin will check if the request is illegitimate. Based on that the user will be blocked.

    Hence, in conclusion, both firewalls have the same rules to block attacks only difference is when they are blocking the requests.

    We have included the URL blocking feature for our next release and will let you know once it goes live.

    I hope you have found answers?to your questions.

    If you have any more questions then let us know.

    Thank you,
    miniOrange team

    Hi there,

    We haven’t heard back from you.

    I hope you have found answers to your questions satisfactory.

    I am closing this ticket for now.

    If you have any more questions then you can reopen this ticket.

    Thank you,
    miniOrange team

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Block on URL access? + Other questions’ is closed to new replies.