Wildcards with Wordfence?

  • Resolved rpsellers

    (@rpsellers)


    10 years, 2 months ago

    Two related questions. Wordfence does a great job at locking out attempted intrusions, but when I to permanently block those IP addresses, can I use wildcards with Wordfence the same way I can with Ithemes security? I’d rather be safe than sorry and usually do permanently block IP addresses that attempt to log in with “admin” or intrude in similar ways, but can’t seem to find out if I can do this in Wordfence under the “manually block IP” tab. I’d rather not have to switch from one to the other (I run both on a couple of sites with high spam / attacks) but can’t seem to find anyone who knows if it will work.

    Second question – related – when attempts are coming from closely related IP addresses, does blocking one specific somehow step up the attempts to intrude? I’ve begun noticing that as soon as I block one, I’ll get 3 or 4 from others only separated by a number or two in the last grouping. Is blocking simply asking for more attention?

    https://www.ads-software.com/plugins/wordfence/

Viewing 4 replies - 1 through 4 (of 4 total)

  • Great questions!

    So in your first question when you say wildcards, do you mean blocking everyone from an ip? Example : instead of blocking one ip like 192.168.1.12, you want to block all in that range like 192.168.1.1-255

    Second, there is an option below the ip address in the blocked ip’s page or live scan page that lets you ‘block this network’ which should kill all those in the range. That would help when you saw only the last octet changing in the ip address between hacks. I don’t think its asking for more attention, its just a function of the bot software.

    Let me know about the first question.

    Thanks!

    tim

    Thread Starter rpsellers

    (@rpsellers)

    Ah… The “advanced blocking” part… that somehow I’ve managed to miss and ignore so far! So instead of using the * like 192.168.1.* I would just insert the range “1-255″… Got it! (I’m used to putting in the * for the ranges to indicate every subset in that octet.)

    Thanks for the tip. I’m doing some back checking on the other – it seems that once I block some IP addresses – mainly from China or Russia, then the number of future attempts to login or use the lost password function (that Wordfence catches every time so far) go up for a period of time. I need to go back over logs carefully instead of relying on anecdotal memory.

    Thanks again.

    RPS

    No problem! We love to help. ??

    I’ll go ahead and mark this resolved. If you find you have more questions about this, re-open and I’ll be happy to assist.

    tim

    Thread Starter rpsellers

    (@rpsellers)

    My bad… I should have done that exact thing…

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Wildcards with Wordfence?’ is closed to new replies.