Traffic Inspector locking out php pages

  • Resolved afonseca08

    (@afonseca08)


    6 years, 10 months ago

    I just realized WP Cerber was locking out IP’s that try to access PHP pages on our site. This is a big issue with our site as we use a non-WordPress PHP script as our checkout page, so users who tried to buy something were locked out!

    Probing for vulnerable PHP code Locked out
    URL: mydomain.com/customscript/signup.php

    Earlier I found it was also locking out the web server’s IP itself when it was using lynx to access a PHP page on the same server.

    I’ve since disabled Traffic Inspector but wanted to post about it here as it may have already cost me some $’s.

Viewing 8 replies - 1 through 8 (of 8 total)
  • Thread Starter afonseca08

    (@afonseca08)

    I should also comment, I like the idea of this feature as looking in the logs I can see there are several requests probing our existing and non-existing php pages and many of these requests coming from Russia (not the target market for our usual website visitors).

    However, it was definitely locking out real customers who contacted us saying they couldn’t purchase and were getting an error page instead of the checkout page. I tried this myself by browsing from my cell phone and also got my IP locked out before I disabled the feature:

    161.sub-174-216-18.myvzw.com January 24, 2018, 12:18 am
    Subnet blocked

    Yes, that is my Verizon US based carrier. So looks like this feature has potential but may not be ready for production. Otherwise, nothing but praise for this plugin.

    We have been seeing the same issue. Customers were not able to access a number of pages on our site, and it appeared the traffic inspector was blocking them. I have temporarily rolled back to v 5.9 to see if that will fix the issue.

    Plugin Author gioni

    (@gioni)

    Hi!

    Is your site on Windows/IIS hosting (server)?

    @torka You could just disable traffic inspection without rolling back.

    Thread Starter afonseca08

    (@afonseca08)

    No, it’s running Linux/Apache.

    We are also on *nix/Apache.

    I confess, I didn’t look all that closely before rolling back, so this is maybe a dumb question, but how would I go about disabling traffic inspection?

    Duh! Never mind. I found it… /me slaps forehead

    Plugin Author gioni

    (@gioni)

    Hi guys!

    How is it going?
    Since the version 6.1. you can add problematic php scripts to a whitelist.
    Read more: https://wpcerber.com/traffic-inspector-in-a-nutshell/

    @torka
    @afonseca08

    Thread Starter afonseca08

    (@afonseca08)

    Hi @gioni, thank you for adding the PHP script whitelist. I’ve re-enabled the Traffic Inspector feature and excluded the problematic scripts. I’ll report back if I see any issues. Thank you again for addressing this.

Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘Traffic Inspector locking out php pages’ is closed to new replies.