Sucuri and InfiniteWP – Broken sites after Sucuri install

I will have to investigate how “InfiniteWP” works before I can provide a definitive answer to your question, but for now I can tell you that the Sucuri plugin does not blocks connections on its own, this would be the case if the “Firewall WAF” page is enabled but only CloudProxy users have that.

Thanks for your reply Yorman.

In a nutshell, one installs the IWP plugin, where then a generated bit of connection data is created. One copies that in a click. One then creates a ‘New Site’ connection with the web-app, and pastes in that connection data.

Once that is done, when the IWP web-app is loaded, or request for data-reload is initiated, it reaches out through that connection-tunnel to check on whether there are any theme, plugin, or WordPress updates are needed. If so, can can then perform those updates as required.

Hope that helps.

Have you read these articles [1]?

I just finished the installation of that control panel, added three sites and started monitoring the HTTP requests sent to them via that “connection tunnel” as you call it.

I notice that most (if not all) the connections are sent to the “/wp-admin/” URL of each site via POST when an action is requested, for example, when the “Reload Data” link is clicked. The credentials previously added during the activation of the “iwp-client” plugin are used to authenticate the request and force the plugin to run the operation, either an update of a plugin, theme, core files, or whatever.

As I said in my previous comment, the Sucuri plugin does not blocks any request, and even if it was the culprit you would be able to inspect the blocked events in the “Audit Logs” panel. You mentioned to have installed a different plugin named “Wordfence” maybe you have to whitelist the IP address of the server where the “InfiniteWP” control panel is hosted, you can try that.

[1] https://www.google.com/search?q=wordfence+blocks+infinitewp

Thanks again Yorman, I’ll track down that end now. Thanks for this checkbox presumably being checked-off. ??

As a non-programmer, curious as to what you’d use as the correct terminology for the connection between the app and the connected website. ??

Choose three of those sites that you have added in the control panel, make one a vanilla installation, install the Sucuri plugin in the second one, and install Wordfence in the third one. You will find the culprit more easily that way.

As for the term used to describe the communication between the control panel and the plugin client, I do not know the correct term but what I saw in the logs does not seems to be a tunneled connection [1][2] but as people say in my country “For Good Listener Few Words”.

Marking as resolved, but feel free to contact me if you need more information.

[1] https://en.wikipedia.org/wiki/HTTP_tunnel
[2] https://en.wikipedia.org/wiki/Tunneling_protocol

Danke Mate.