• Resolved www.m4dl.com

    (@wwwm4dlcom)


    Hello,
    First of all, thank you for such a great plugin.
    I was notified by the dashboard that there was a HIGH Hacking attempts severity.
    I checked the log and believe it’s a false positive.
    It’s not going to annoy me or make me change my 5-star rating, which is really suited for your plugin,
    but you may consider correcting such things.

    Hacking attempts severity: HIGH
    LOG:
    17/Jan/16 14:19:15 #5015974 high – 66.249.69.108 GET /index.php – User enumeration scan (author archives) – [author_name=example]

    - I changed the author name to example.
    - I checked the IP and it was Google.

    Regards

    https://www.ads-software.com/plugins/ninjafirewall/

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author nintechnet

    (@nintechnet)

    Hi,

    This is not a false positive but a firewall policy which can be turned off from the “NinjaFirewall > Firewall Policies > Protect against username enumeration > Through the author archives” option.
    But I really don’t recommend turning it off, otherwise bots will hammer your site with attempts to retrieve user names. NinjaFirewall does not block the request, but only returns a 302 redirection to the main index page so that it does not affect too much some search engine bots that may try to access it.
    But if you often see Google accessing it, you can whitelist its IPs with the help of the ‘.htninja’ user configuration file, rather than disabling that policy.
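
Before whitelisting an address as Google, it is worth confirming it with forward-confirmed reverse DNS, since a PTR record alone can be set to any name by whoever controls the IP's reverse zone. The following is an added example, not part of the thread and not NinjaFirewall code: it parses log lines in the layout quoted in the first post and checks each user-enumeration hit. The function names, the second log line and both DNS tables are constructed for illustration so the script runs offline.

```python
import re
import socket

# Log layout as in the line quoted in the post (fields separated by an en dash).
LOG_RE = re.compile(
    r"^(?P<ts>\S+ \S+) #(?P<id>\d+) (?P<level>\w+) [–-] (?P<ip>\S+) "
    r"(?P<method>[A-Z]+) (?P<path>\S+) [–-] (?P<rule>.+?) [–-] \[(?P<detail>.*)\]$"
)
GOOGLE_SUFFIXES = (".googlebot.com", ".google.com")

def parse_line(line):
    m = LOG_RE.match(line.strip())
    return m.groupdict() if m else None

def dns_reverse(ip):            # live PTR lookup
    return socket.gethostbyaddr(ip)[0]

def dns_forward(host):          # live A/AAAA lookup
    return {ai[4][0] for ai in socket.getaddrinfo(host, None)}

def is_verified_googlebot(ip, reverse=dns_reverse, forward=dns_forward):
    """Forward-confirmed reverse DNS: the PTR name must sit under a Google
    crawler domain AND resolve back to the same IP."""
    try:
        host = reverse(ip).rstrip(".").lower()
        return host.endswith(GOOGLE_SUFFIXES) and ip in forward(host)
    except (OSError, KeyError):  # no PTR / no A record -> not verified
        return False

def triage(lines, reverse=dns_reverse, forward=dns_forward):
    """Return (ip, verified) for every user-enumeration hit in the log."""
    hits = []
    for line in lines:
        entry = parse_line(line)
        if entry and "User enumeration" in entry["rule"]:
            hits.append((entry["ip"], is_verified_googlebot(entry["ip"], reverse, forward)))
    return hits

# First line is the one from the post; the second line and both DNS tables are
# constructed so the example runs offline (pass no resolvers to use live DNS).
SAMPLE = [
    "17/Jan/16 14:19:15 #5015974 high – 66.249.69.108 GET /index.php – User enumeration scan (author archives) – [author_name=example]",
    "17/Jan/16 14:21:02 #1000001 high – 203.0.113.7 GET /index.php – User enumeration scan (author archives) – [author_name=example]",
]
PTR = {"66.249.69.108": "crawl-66-249-69-108.googlebot.com", "203.0.113.7": "crawl-fake.googlebot.com"}
FWD = {"crawl-66-249-69-108.googlebot.com": {"66.249.69.108"}, "crawl-fake.googlebot.com": {"192.0.2.10"}}

if __name__ == "__main__":
    print(triage(SAMPLE, PTR.__getitem__, lambda h: FWD.get(h, set())))
```

Only addresses that come back verified are candidates for an allow rule; the constructed second entry has a Google-looking PTR name but fails the forward lookup, so it stays subject to the policy.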

    Thread Starter www.m4dl.com

    (@wwwm4dlcom)

    URL redirects to my home page.
    You may check it now by just going to my homepage homepage/wp-admin

    Plugin Author nintechnet

    (@nintechnet)

    It looks like you have installed another plugin which is messing with your admin URL. Did you install another security plugin?

  • The topic ‘False positive’ is closed to new replies.