Customers being banned but nothing set to ban?

Hello Chris,

Sorry to hear that you are having this trouble. Could you let me know what settings that you have for the Rate Limiting Rules please on the Options page please?

You don’t have to disable the Wordfence plugin. You could just temporarily disable the Enable Rate Limiting and Advanced Blocking setting at the top of the Options page.

Once you have provided the settings that I have requested we can check that you have all of the recommended settings.

Hi Phil.

Settings are as follows:

I have also reactivated the plugin and temporarily unchecked Enable Rate Limiting and Advanced Blocking.

– Chris

• This reply was modified 7 years, 8 months ago by rotornut44.

Hello Chris,

Thanks for providing the settings. Below I have provided our recommended settings for human visitors so that you can update your settings accordingly:

If a human’s page views exceed:

In general we recommend you keep this high, especially if you are using AJAX on your website. 240 per minute is a healthy setting unless you have many static pages with no AJAX and are sure that the normal traffic pattern that humans generate on your site is much lower.

If a human’s pages not found (404s) exceed:

If your site is well configured and well designed then you can set this as low as 30 per minute or even 15 per minute. However, please read the following caveat: If your site is NOT well designed or configured, then it may during the normal course of operations experience many page not found (404) errors. For example if you include many images that don’t exist in your web pages then your pages will generate a lot of 404’s on your site. Those 404’s can cause Wordfence to block the visitor who is viewing a page if they exceed the limit you’ve set. So before setting this to a low number and setting the action to “block” make very sure that you don’t get a lot of page not found (404) errors on your site during normal operations. One way to do this is to look at your browser error log or console which often displays 404 errors on a page in red.

Also can you go to the blocking page and let me know what is in these tabs:

IPs blocked from accessing the site
IPs throttled for accessing the site too frequently

We want to know if the reports from site visitors are really blocks and not for throttling. As you have received reports from people it would be very handy if someone could take a screenshot for you to paste here if the Firewall isn’t functioning properly when they say that they are being banned from visiting the site.

Hi Phil.
I have adjusted my settings to what you recommended above. As far as the blocking page(s), we dont have any IPs listed that would be from our customers. The only things blocked are a handful of Russian IPs. The last IP throttle was about a month ago as well. We have had reports more recent than that.

Unfortunately nobody has submitted a picture of an error message, but a friend did get it on his iPad while only visiting the site once. It did specifically state that he had been blocked from accessing the site.

-Chris

Hello Chris,

Thanks for the feedback.

Let’s see how the new settings perform. Also please check that you have the latest version of Wordfence installed.

The odd thing was your friend being blocked and only visiting the site once. On the Live Traffic page you can filter the blocks to see what is being blocked and the reason for why they were blocked.

If nothing is showing up there when users are blocked, it means that the hit never reached Wordfence and was either blocked by another security software, blocked by a server configuration or they were served a cached block page.

We did have a conflict with W3 Total Cache in previous versions of Wordfence where they would cache our block page and serve it to random human visitors. Even in those cases SOME blocks will show up in Live Traffic though. This is because before the block page could get cached, a real block would have had to have taken place. If you have the W3 Total Cache plugin installed then you need to have the latest version of Wordfence.

Hi Phil,
Excuse the delay in response. Part of the problem has to be caching. We are using W3 Total Cache on the site, however both it and WordFence are fully up-to-date.

I visited the www address of our site today (www.nfwllc.com) and found it displaying the banned message. Upon switching to the normal nfwllc.com address I was able to access the site. Purging the cache got rid of the banned message at the www address.

The W3 conflict must not be fully resolved.

-Chris

Hello Chris,

Thanks for the update.

We will investigate further for you.

Hello Chris,

Can you try disabling database cache in W3TC please if it’s enabled, as this has been known to cause problems with Wordfence.

Thank you.

Hi Phil,
Database caching has now been disabled. I have now re-enabled Advanced Blocking and Rate Limiting. (Using the new settings we discussed) I’ll give it a few days and see if the Banned message reappears.

-Chris

Phil,
The banned message was back on the www site this morning. Have you contacted W3TC about this issue?

-Chris

Hello Chris,

I’m wondering if after the recent update of Wordfence, did you completely remove all W3TC cached files please. If not, please try this and see if the problem returns.

Thank you.

Hello,

As you haven’t replied to the instructions that I provided I will assume that the instructions did solve your issue and I will now mark this topic as resolved.

If however, for whatever reason, you are still experiencing this issue and it is not resolved please respond to the post, which moves it back up the queue, and mark this topic as “not resolved”.

Thank you.