Free WordFence working well: Can I ask a question?

  • Resolved 1waytoheaven

    (@1waytoheaven)


    1 month ago

    Dear WF,

    I've used your free plugin for several years, and thank you for providing this service.

    I'd like to ask, if I may;

    I wish to allow all genuine Yandex cidr's access to my WP site, but notice many fake registrations to our WP member site, by bots on IP's adjacent to Yandex cidrs.

    Question:
    Will WordFence override any manual additions I make to the root htaccess file?

    ie. I wish to deny access to all of 77.0.0.0/8 using the WF plugin Custom blocks…
    except I want to allow this genuine Yandex 77.88.0.0/18 by manually adding this code to my root htaccess along this line;

    Order Allow,Deny 
    Allow from all
    deny from 77.0.0.0/8
    allow from 77.88.0.0/18

    I'm asking first because I don't want to do a clumsy experiment.

    Colin
    • This topic was modified 1 month ago by 1waytoheaven. Reason: symbols in my code break the post!
    • This topic was modified 1 month ago by 1waytoheaven.
Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @1waytoheaven, thanks for your question.

    We can’t assist with code outside of the plugin but it looks from your description like blocking 77.0.0.0/8 in Wordfence would include 77.88.0.0/18 regardless of the .htaccess contents.

    Allowlisting IPs from inside the blocked range (in our plugin settings) wouldn’t be recommended as that allows them to bypass all Wordfence protection – which can be dangerous. I would recommend allowing and denying entirely in .htaccess, or a firewall on your server, in this case as that would filter the visitors you do/don’t want accessing your site before Wordfence loads.

    Many thanks,
    Peter.

    Thread Starter 1waytoheaven

    (@1waytoheaven)

    Thank you Peter, understood.

    I’ll take your advice ??

Viewing 2 replies - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.

Tags