Question about whitelisting user-agents by IP address

  • Resolved SolidHostDesign

    (@solidhostdesign)


    5 months, 1 week ago

    Hello,

    I’ve been having a problem activating a site in the InfiniteWP admin page. I checked in Live traffic and see numerous attempts (mine I’m thinking), where the connection attempts from the admin side to the client plug-in are being blocked. I unblocked it and the connection completed. I am wondering if there is a way to tell Wordfence to allow communications between my admin side of InfiniteWP to the InfiniteWP client plugin on the site. In the live traffic display I see the infinite user agent being blocked. I would like to be able to allow the connection based on agent and the associated IP address. Is that possible?

Viewing 5 replies - 1 through 5 (of 5 total)

  • Hey @solidhostdesign,

    This topic should help answer your question.

    Worth Exploring:

    1. Have you tried whitelisting Wordfence’s IPs within your InfiniteWP dashboard?
    2. Have you tried running Wordfence from within your InfiniteWP dashboard? If so, results?
    3. Are you using the latest version of InfiniteWP and Wordfence? Reason for asking.

    Cheers!

    Thread Starter SolidHostDesign

    (@solidhostdesign)

    Hi,

    Thanks for responding to my question. In response to your questions:

    1. Wordfence is doing the blocking not Infinite WP. So, I’d like to be able to whitelist the specific IP address+the User Agent to minimize the chance of the agent being spoofed.
    2. I’m unclear what you mean here.
    3. Yes, Yes.

    Hey @solidhostdesign,

    In response:

    1. You cannot whitelist User Agents with Wordfence, only IPs.
    2. Are you able to run Wordfence as noted in the link?
    3. Great!

    Last, did you contact InfiniteWP for assistance? I bet they know a thing or two about your issue.

    Best wishes!

    Plugin Support wfmargaret

    (@wfmargaret)

    Hi @solidhostdesign,

    Thanks for reaching out. As @generosus advised, you cannot allowlist User Agents. User agents can be spoofed very easily and it is therefore never secure to allowlist a user agent. You can allowlist IP addresses by adding them to the list at Wordfence > Firewall > Manage WAF > Advanced Firewall Options > Allowlisted IP addresses that bypass all rules. We recommend only allowlisting the IP address if it is static and trusted, as allowlisted IP addresses will bypass all firewall rules.

    Sometimes an “ADD PARAM TO FIREWALL ALLOWLIST” button appears in this section which you can click to allow these types of requests in the future. Also,?Learning Mode?can help easily allow normal site/plugin operations if they’re being blocked.

    From the Wordfence Dashboard click on Manage WAF. Then you will see Basic Firewall Options > Web Application Firewall Status. Change the option to Learning Mode. Now proceed to activate the site in InfiniteWP. This will help Wordfence learn that these actions are normal and it will allow them in the future. After you have finished, switch the WAF from Learning Mode back to Enabled and Protecting then test to see if you’re still seeing any actions from InfiniteWP being blocked.

    https://www.wordfence.com/help/firewall/learning-mode/ is an amazing resource for learning more about the WAF and learning mode.

    Let us know how it goes!

    Thanks,
    Margaret

    Thread Starter SolidHostDesign

    (@solidhostdesign)

    HI All,

    I cleared the issue for now… The issue was PHP related. I think Infinite needs to start working on support for PHP 8.x as I have servers where I am trying to get the various sites using the same generation of PHP just for sanity’s sake. As far as the allow list business, the situation was noticed while troubleshooting… So…

    @generosus Thank you.

    @wfmargaret Yes I was going to ask about that as I saw the “ADD PARAM TO FIREWALL ALLOWLIST” button pop up. But it disappeared. Maybe add that option in the Option area? Would be nice to be able to do an allow tied to an IP(+Mac) and Agent. Though it is less secure, the specificity of the parameters should reduce the attack surface. Maybe the option to use the “ADD PARAM” with a token of sorts? But what do I know…

    All the best and thanks again!

    RB

Viewing 5 replies - 1 through 5 (of 5 total)
  • You must be logged in to reply to this topic.