49jili ph log download apk,500 jili casino login no deposit bonus.Recharge Every day and Get Bonus up-to 50%!

Resolved jvalks
(@jvalks)

7 years, 6 months ago

I’m a bit confused here… How can I block a IP permanent?? One of my sites is attacked every day from the same IP. I added this to the blacklist, but it has no effect…

How can I block a IP???

Thanks!

Viewing 12 replies - 16 through 27 (of 27 total)

← 1 2

Plugin Contributor mbrsolution
(@mbrsolution)

7 years, 6 months ago

@jvalks, I also use ManageWP and I have not had this issue myself.

You might want to investigate further your server settings or do you have any other security plugin installed in your site? Perhaps checking your server log files might reveal something.

Regards

Thread Starter jvalks
(@jvalks)

7 years, 6 months ago

I have checked the server log files, and what I see is:

GET /wp-includes/wlwmanifest.xml – 80 – 46.118.156.191 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64;+rv:50.0)+Gecko/20100101+Firefox/50.0 – 200 0 0 1291 227 15
GET / author=1 80 – 46.118.156.191 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64;+rv:50.0)+Gecko/20100101+Firefox/50.0 – 301 0 0 452 209 937
GET / author=1 80 – 46.118.156.191 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64;+rv:50.0)+Gecko/20100101+Firefox/50.0 – 301 0 0 452 209 937
POST /xmlrpc.php – 80 – 46.118.156.191 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64;+rv:50.0)+Gecko/20100101+Firefox/50.0 – 200 0 0 67837 98453 1062
POST /xmlrpc.php – 80 – 46.118.156.191 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64;+rv:50.0)+Gecko/20100101+Firefox/50.0 – 200 0 0 67837 98172 2482
POST /xmlrpc.php – 80 – 46.118.156.191 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64;+rv:50.0)+Gecko/20100101+Firefox/50.0 – 200 0 0 732 98145 1157
POST /xmlrpc.php – 80 – 46.118.156.191 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64;+rv:50.0)+Gecko/20100101+Firefox/50.0 – 200 0 0 732 98174 1079
POST /xmlrpc.php – 80 – 46.118.156.191 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64;+rv:50.0)+Gecko/20100101+Firefox/50.0 – 200 0 0 732 97942 1218
POST /xmlrpc.php – 80 – 46.118.156.191 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64;+rv:50.0)+Gecko/20100101+Firefox/50.0 – 200 0 0 732 98110 1047
POST /xmlrpc.php – 80 – 46.118.156.191 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64;+rv:50.0)+Gecko/20100101+Firefox/50.0 – 200 0 0 732 98317 944
POST /xmlrpc.php – 80 – 46.118.156.191 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64;+rv:50.0)+Gecko/20100101+Firefox/50.0 – 200 0 0 732 98151 1153
POST /xmlrpc.php – 80 – 46.118.156.191 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64;+rv:50.0)+Gecko/20100101+Firefox/50.0 – 200 0 0 732 98285 1132

Again it’s showing that xmlrpc is not blocked ??

Plugin Contributor mbrsolution
(@mbrsolution)

7 years, 6 months ago

Hi, then you have to troubleshoot this issue.

Can you follow my troubleshooting suggestions mentioned earlier?

Regards

Thread Starter jvalks
(@jvalks)

7 years, 6 months ago

Ok, I did the following:

Removed all caching and disabled WP Super Cache (just to be sure).
Installed the AIOWPS reset plugin and activated it.
Reset all the AIOWPS settings using that plugin.
Configures all the settings again.

Unfortunately : XML-RPC server accepts POST requests only.

The .htaccess files looks like this:

# BEGIN All In One WP Security
#AIOWPS_BASIC_HTACCESS_RULES_START
<Files .htaccess>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
Order deny,allow
Deny from all
</IfModule>
</Files>
ServerSignature Off
LimitRequestBody 10240000
<Files wp-config.php>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
Order deny,allow
Deny from all
</IfModule>
</Files>
#AIOWPS_BASIC_HTACCESS_RULES_END
#AIOWPS_PINGBACK_HTACCESS_RULES_START
<Files xmlrpc.php>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
Order deny,allow
Deny from all
</IfModule>
</Files>
#AIOWPS_PINGBACK_HTACCESS_RULES_END
# END All In One WP Security

Any more suggestions? AIOWPS is the only security plugin on this site…

Plugin Contributor mbrsolution
(@mbrsolution)

7 years, 6 months ago

Hi, the .htaccess rules are correct. There must be something in your site that is causing this issue.

Can you disable all of your other plugins except this one. What happens when you test the following URL?

yoursite.com/xmlrpc.php

Do you use CDN in your site?

Thread Starter jvalks
(@jvalks)

7 years, 6 months ago

Hi,

I disabled all the plugings, still the same result. I do not use some kind of CDN…

What I’m going to do is create a new test-site, with a clean WordPress install and see what’s happening..

Thread Starter jvalks
(@jvalks)

7 years, 6 months ago

Ok, created a new site. Installed WordPress and AIOWPS plugin. Enabled the basic firewall en checked Completely Block Access To XMLRPC. The .htaccess file is modified:

# BEGIN All In One WP Security
#AIOWPS_BASIC_HTACCESS_RULES_START
<Files .htaccess>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
Order deny,allow
Deny from all
</IfModule>
</Files>
ServerSignature Off
LimitRequestBody 10240000
<Files wp-config.php>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
Order deny,allow
Deny from all
</IfModule>
</Files>
#AIOWPS_BASIC_HTACCESS_RULES_END
#AIOWPS_PINGBACK_HTACCESS_RULES_START
<Files xmlrpc.php>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
Order deny,allow
Deny from all
</IfModule>
</Files>
#AIOWPS_PINGBACK_HTACCESS_RULES_END
# END All In One WP Security

But still the same output using the /xmlrpc.php : XML-RPC server accepts POST requests only.
Thread Starter jvalks
(@jvalks)

7 years, 6 months ago
My provider is using only Windows servers, and uses Helicon APE. Can this be the reason it does not work??
- This reply was modified 7 years, 6 months ago by jvalks.
Plugin Contributor wpsolutions
(@wpsolutions)

7 years, 6 months ago
Hi @jvalks,
As far as I understand, Windows server with “Helicon Ape” does allow support Apache for .htaccess files. I have not used such a setup before and hence I recommend that you ask your host support people to tell you why the apache rules for the pingback protection feature are not working as expected.

Show them the following rules and ask them why they aren’t blocking access to the xmlrpc.php file:
```
#AIOWPS_PINGBACK_HTACCESS_RULES_START
<Files xmlrpc.php>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
Order deny,allow
Deny from all
</IfModule>
</Files>
#AIOWPS_PINGBACK_HTACCESS_RULES_END
```
adamngai
(@adamngai)

7 years, 6 months ago

@jvalks, pls advise did you install wordfence before you install AIO?

If yes, did you do the proper “magic” click on one of the function before you click deactivate and remove?

If you did not do that, there might a chance for some conflict issue.

Thread Starter jvalks
(@jvalks)

7 years, 6 months ago

@adamngai: No, I primary used (and installed) AIO. The test site has only the AIO plugin…

@wpsolutions: I will create a support ticket for this, I keep you up to date..

Thread Starter jvalks
(@jvalks)

7 years, 6 months ago

Ok, I received a answer from my hosting provider. They told me that I need to block xmlrpc using web.config. Like described in this article: https://stackoverflow.com/questions/30716073/azure-wordpress-deny-xmlrpc

They also told me that within a few days this will be standard on their platform during the increased amount of attacks. So, the AOI plugin IS working, but only in combination with a hosting provider that DOES use the .htaccess method…

This makes things more complicated for the future I guess…

Viewing 12 replies - 16 through 27 (of 27 total)

← 1 2

The topic ‘How to block IP permanent?’ is closed to new replies.