• Resolved fwunder

    (@fwunder)


    I’m just not getting it, I guess.

    I enabled the firewall feature with “Block Response” set to “Die With Message”. To test firewall function, I then added a proxy server IP address in the Blacklist.

    If I access the site via the proxy server (IP in blacklist), the site responds normally.

    Can you suggest a good way to test the Firewall Functions?

    Thanks!

    https://www.ads-software.com/plugins/wp-simple-firewall/

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Author Paul

    (@paultgoodchild)

    If the proxy server is forwarding the IP address correctly as it should, then the plugin will not block on the proxy, but on the real client IP address.

    That’s not really a way to test it.

    Put in your own IP address and see. First test that you can turn off the plugin using this: https://icontrolwp.freshdesk.com/support/articles/3000000959-i-m-locked-out-of-my-own-site-

    Thanks,
    Paul.

    Thread Starter fwunder

    (@fwunder)

    Thanks for the quick response Paul!

    Yes, that worked, blocking me from logging in. Thanks.

    Next question:

    I am getting hit with “plugin scans”. It appears (via my csf Apache Status alerts) that my site is occasionally being flooded with requests for plugins that do not exist.

    GET /wp-content/plugins/woopra/tags/…
    GET /wp-content/plugins/open-flash-chart-core-wordpress-plugin/…
    GET /wp-content/plugins/woopra/tags/1.4.2/inc/php-ofc-library/…

    etc, etc.

    Will WordPress Simple Firewall help with that?

    Thanks for any info.

    Plugin Author Paul

    (@paultgoodchild)

    There is nothing to do there. These are just web requests and there’s nothing that a web request, in and of itself, should be blocked for.

    What you might want to consider is placing some .htaccess files in your “plugins” folder to prevent direct access, but then you don’t know how that might affect your plugins.

    Unless a web request is malicious in and of itself, it shouldn’t really be blocked. You’re being “scanned” for the existence of plugins with vulnerabilities. Your best protection is:
    – keep WordPress updated
    – keep your plugins updated.

    Hope that helps.
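
An added example, not part of the original thread or the plugin's code: a Python script that picks the kind of scan described above out of an Apache access log, by collecting 404 responses for plugin directories that are not installed and grouping them by client IP. The log lines, IP addresses, the `old-gallery` slug, the installed-plugin set and the function name are constructed for illustration.

```python
import re
from collections import defaultdict

# Apache common/combined log prefix: client IP, request line, status code.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|HEAD|POST) (\S+)[^"]*" (\d{3}) ')
# First path segment under the plugins directory is the plugin slug.
PLUGIN_RE = re.compile(r'^/wp-content/plugins/([^/?#]+)')

def find_plugin_scanners(lines, installed, min_slugs=2):
    """Return {ip: sorted slugs} for clients that received 404s while
    requesting at least min_slugs distinct plugins that are not installed."""
    probes = defaultdict(set)
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not in the expected log format, skip it
        ip, path, status = m.group(1), m.group(2), int(m.group(3))
        p = PLUGIN_RE.match(path)
        if p and status == 404 and p.group(1).lower() not in installed:
            probes[ip].add(p.group(1).lower())
    return {ip: sorted(s) for ip, s in probes.items() if len(s) >= min_slugs}

# Constructed sample log (documentation IP ranges, made-up timestamps).
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Jan/2024:10:00:01 +0000] "GET /wp-content/plugins/woopra/tags/ HTTP/1.1" 404 512 "-" "-"',
    '203.0.113.7 - - [01/Jan/2024:10:00:01 +0000] "GET /wp-content/plugins/open-flash-chart-core-wordpress-plugin/ HTTP/1.1" 404 512 "-" "-"',
    '203.0.113.7 - - [01/Jan/2024:10:00:02 +0000] "GET /wp-content/plugins/woopra/tags/1.4.2/inc/php-ofc-library/ HTTP/1.1" 404 512 "-" "-"',
    '198.51.100.20 - - [01/Jan/2024:10:05:00 +0000] "GET /wp-content/plugins/wp-simple-firewall/readme.txt HTTP/1.1" 200 2048 "-" "-"',
    '198.51.100.20 - - [01/Jan/2024:10:05:03 +0000] "GET /wp-content/plugins/old-gallery/style.css HTTP/1.1" 404 512 "-" "-"',
    '198.51.100.20 - - [01/Jan/2024:10:05:09 +0000] "GET /about/ HTTP/1.1" 200 9000 "-" "-"',
]
# Assumption: in practice, build this set from the directory names
# under wp-content/plugins on the server.
INSTALLED = {"wp-simple-firewall"}

if __name__ == "__main__":
    for ip, slugs in find_plugin_scanners(SAMPLE_LOG, INSTALLED).items():
        print(ip, "requested missing plugins:", ", ".join(slugs))
```

A single 404 for one missing plugin, such as a stale link, stays below the default threshold; only clients that walk through several absent plugins are reported.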

    Thread Starter fwunder

    (@fwunder)

    It does help. Thank you.

    Seems a static 404 file might help too. At least with the crazy CPU rates the built-in 404 seems to eat up when getting slammed with non-existent page requests.

    Thanks again and great work!

    Plugin Author Paul

    (@paultgoodchild)

    No problem! Happy to help.

    Do you fancy leaving the plugin a nice www.ads-software.com review if you like it?

    Thanks!
    Paul.

  • The topic ‘How to test firewall functions’ is closed to new replies.