Does Your Plugin Auto-Block Malicious IPs?

  • Resolved Generosus

    (@generosus)


    1 year, 6 months ago

    Good Day,

    Does your plugin automatically block malicious IPs?

    If not, any plans to do so?

    Also, what other types of threats does SGS block automatically? Unless we missed it, your plugin description and knowledgebase does mention much about this.

    We prefer to use a security plugin that is proactive, not reactive, such as Wordfence.

    Thank you!

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Support Dimo Dimov

    (@dimodi)

    Hello @generosus,

    Currently our plugin blocks automatically IP addresses that have attempted to log in with a wrong combination of user and password more than once. If they reach a specific limit (the “Login Attempt Limit” can be set in the Login Security page of the plugin), the IPs will be blocked for an hour. If they continue with unsuccessful attempts, they will be restricted for 24 hours and 7 days after that.

    In addition to that, you can always block IP addresses you consider malicious manually from the “Unknown Activity” tab and they will remain blocked until you manually unblock them.

    More info on how our plugin protects your website and the types of threats that can be blocked can be found here:

    https://www.siteground.com/tutorials/wordpress/sg-security/

    Regards,
    Dimo

    Thread Starter Generosus

    (@generosus)

    Hey @dimodi,

    Thanks for the quick reply. So, it appears the answer no, SGS does not automatically block bad actors (e.g., malicious IPs, bad bots, etc.) outside of what is recorded during failed login attempts.

    Which takes us to the second question: Any plans to implement such feature? As you probably know, a list of known, bad actors is publicly available and – most likely — can be introduced into your plugin as a new defense mechanism.

    That is something we can really use and would help steer us to use SGS in lieu of a competitors’ plugin.

    Again, thank you.

    Plugin Support Tsvetan Mitev

    (@tsvetanm)

    Hello @generosus,

    I am afraid that there are no plans to add such traffic filtering feature in the near future, however we are always looking to improve our services so I will make sure to pass your suggestion to our developers.

    I would also like to note that our hosting environment already has a?sophisticated Intrusion detection/prevention systems which are actively filtering the malicious traffic, while SiteGround Security provides additional protection layer from malicious attacks and further strengthens individual websites on application level.?

    Best Regards,

    Tsvetan Mitev

    @generosus SG blocks bad bots: https://www.siteground.com/blog/95-less-bad-traffic-with-enhanced-brute-force-prevention/

    Thread Starter Generosus

    (@generosus)

    Hey @pinoooo,

    Thanks for the link. Yes, aware of the bot protection you referenced. Provided only for websites hosted with SG. Ergo, the reason for our follow-up question.

    No biggie. We’re covered.

    Again, thank you ??

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Does Your Plugin Auto-Block Malicious IPs?’ is closed to new replies.