Firewall -> 404 Detection -> AutoLockout?

  • Resolved herzla

    (@herzla)


    2 years, 5 months ago

    i would like to automatically lockout an IP’s after 5 or 10 404-Errors
    is there a chance to get it done quick or is this more like a feature-request?

    don’t your logs look like this?
    I like the /wp-content/wp-old-index.php?action=login&pass=-1 and /force-download.php?file=wp-config.php ??

    0:12:51	404	/wp-commentin.php 
0:12:56	404	/wp-commentin.php 
0:22:29	404	/xmlrpc.php 
1:15:13	404	/force-download.php?file=wp-config.php
1:20:45	404	/xmlrpc.php 
2:26:12	404	/xmlrpc.php 
2:29:31	404	/xmlrpc.php 
2:59:44	404	/xmlrpc.php 
3:06:34	404	/xmlrpc.php 
3:09:35	404	/wp-login.php 
3:36:31	404	/xmlrpc.php 
4:22:01	404	/xmlrpc.php 
4:27:59	404	/wp-content/themes/famous/megaframe/megapanel/inc/functions.php 
5:08:27	404	/wp-login.php 
5:54:43	404	/style.php 
5:54:47	404	/moduless.php 
5:54:48	404	/wp-content/plugins/t_file_wp/t_file_wp.php?test=hello
5:54:51	404	/admin.php 
5:54:58	404	/boom.php?x 
5:55:00	404	/wp-content/plugins/backup_index.php 
5:55:03	404	/wp-content/db_cache.php 
5:55:06	404	/wp-content/plugins/ioptimization/IOptimize.php?rchk 
5:55:08	404	/xmlrp.php?url=https://raw.githubusercontent.com/carlosdechia/carlosdechia/main/ExV1
5:55:10	404	/wpindex.php?idb=https://raw.githubusercontent.com/carlosdechia/carlosdechia/main/ExV1
5:55:14	404	/larva.php?idb=https://raw.githubusercontent.com/carlosdechia/carlosdechia/main/ExV1
5:55:17	404	/th3_err0r.php?php=https://raw.githubusercontent.com/carlosdechia/carlosdechia/main/ExV1
5:55:20	404	/alfindex.php 
5:55:23	404	/alfa.php 
5:55:24	404	/wp-booking.php 
5:55:26	404	/cindex.php 
5:55:30	404	/wp-content/wp-1ogin_bak.php 
5:55:33	404	/wp-1ogin_bak.php 
5:55:35	404	/wp-includes/fonts/css.php 
5:55:37	404	/wp-includes/css/css.php 
5:55:39	404	/old-index.php 
5:55:41	404	/config.bak.php 
5:55:44	404	/wp-admin/config.bak.php 
5:55:45	404	/wp-content/config.bak.php 
5:55:48	404	/wp-includes/config.bak.php 
5:55:50	404	/wp-content/themes/config.bak.php 
5:55:52	404	/wp-content/plugins/config.bak.php 
5:55:55	404	/wp-includes/css/wp-config.php 
5:55:59	404	/wp-content/plugins/ubh/up.php 
5:56:02	404	/wp-includes/wpconfig.bak.php?act=sf 
5:56:03	404	/wp-content/plugins/wpconfig.bak.php?act=sf 
5:56:06	404	/haders.php 
5:56:09	404	/wp-content/wp-old-index.php?action=login&pass
5:56:11	404	/legion.php 
5:56:12	404	/wp-content/mu-plugins/db-safe-mode.php 
5:56:14	404	/wp-includes/lfx.php 
5:56:15	404	/wp-includes/small.php 
5:56:17	404	/up.php 
5:56:20	404	/upload.php 
5:56:25	404	/config.php 
5:56:35	404	/test.php?Ghost=send 
5:56:37	404	/wp-content/langar.php 
5:56:39	404	/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php 
5:56:43	404	/wp-content/plugins/fancy-product-designer/inc/custom-image-handler.php 
5:56:46	404	/wp-content/plugins/wpdiscuz/themes/default/style-rtl.css 
6:24:48	404	/xmlrpc.php 
6:44:56	404	/force-download.php?file=wp-config.php 
6:46:10	404	/xmlrpc.php 
7:15:52	404	/xmlrpc.php 
7:19:17	404	/wp-login.php 
7:59:34	404	/xmlrpc.php 
8:10:44	404	/xmlrpc.php 
8:49:42	404	/_ignition/health-check/ 
8:49:42	404	/_ignition/health-check/ 
8:49:42	404	/_ignition/health-check/ 
8:49:42	404	/_ignition/health-check/ 
8:49:44	404	/public/_ignition/health-check/ 
8:49:44	404	/public/_ignition/health-check/ 
8:49:44	404	/public/_ignition/health-check/ 
8:49:44	404	/public/_ignition/health-check/ 
8:49:48	404	/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php 
8:49:48	404	/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php 
8:49:48	404	/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php 
8:49:48	404	/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php 
9:28:52	404	/xmlrpc.php 
9:40:31	404	/wp-admin/css/ 
9:40:43	404	/.well-known/ 
9:41:07	404	/sites/default/files/ 
9:41:19	404	/admin/controller/extension/extension/ 
9:41:32	404	/uploads/ 
9:41:44	404	/images/ 
9:41:57	404	/files/ 
9:48:25	404	/ffAA531.php 
9:48:25	404	/ffAA531.php 
9:48:33	404	/ffAA531.php 
11:02:21	404	/xmlrpc.php 
11:26:43	404	/wp-login.php 
11:33:02	404	/style.php?sig=rename 
11:47:28	404	/xmlrpc.php 
12:14:42	404	/force-download.php?file=wp-config.php 
13:03:48	404	/wp-admin/patior/ 
13:03:48	404	/wp-admin/patior/ 
13:03:48	404	/wp-admin/patior/ 
13:07:39	404	/xmlrpc.php 
13:28:28	404	/xmlrpc.php 
13:53:19	404	/xmlrpc.php 
14:11:37	404	/aws.credentials 
14:11:37	404	/aws.credentials 
15:10:03	404	/.env 
15:10:03	404	/.env
    • This topic was modified 2 years, 5 months ago by herzla.
Viewing 1 replies (of 1 total)
  • Plugin Support damien7

    (@damien7)

    Hey, thanks for getting in touch. Automatic blocking is a good idea which we will look to implement in the future. However, at the moment blocking these requests can only be done manually.

    I’m sure you’re already aware on how to do so manually, but just in case you’re not:

    1. Go to WP Security > Firewall > 404 Detection tab.
    2. Scroll to the 404 Events Log
    3 Hover over the entry and select one of the blocking options.
    4 Alternatively, you can select multiple entries and use the ‘Bulk Actions’ drop down to perform the blocking actions.

Viewing 1 replies (of 1 total)
  • The topic ‘Firewall -> 404 Detection -> AutoLockout?’ is closed to new replies.