Hi @mirandolo, thanks for reaching out about this.
Automatic or manual blocks via Live Traffic will block an IP for the duration you have specified under Wordfence > All Options > Rate Limiting Rules > How long is an IP address blocked when it breaks a rule, which could be as low as 5 minutes. You can increase this value to hours or even days to try stemming the flow of retries if you’re noticing a lot of activity from certain IPs.
During the timescale specified in the above setting, they’ll appear on the list in the Wordfence > Blocking page. It is possible to click the “Make Permanent” button here after checking the box next to one or more IPs. However, it’s important to note that Wordfence does all of the important blocking automatically so you don’t have to. It may be tempting to permanently block these when you see them but it’s generally an ineffective strategy, taking up your time. Wordfence considers intent of an IP’s request to your site when blocking, so increasing the time they’re blocked before they can retry might be the best deterrent.
If you’re referring to IPs that you’ve already made permanent, note that Wordfence is an endpoint firewall that runs after PHP loads, but when optimized, before WordPress loads. This means that it can’t stop IPs from physically making requests to your site but it can stop them from being served any content. You could look at blocking IPs in any firewall provided by your hosting plan to block IPs at an earlier stage.
Thanks,
Peter.
