WordFence reports ip-tables blocked address

  • I have manually blocked an IP address in WordFence, 185.130.5.xxx. When I look at the Blocked IPs WordFence page, it always shows that it was blocked recently, and the counts keeps growing slowly.

    So I went to IP tables, and entered:
    iptables -A INPUT -s 185.130.5.xxx -j DROP

    I saved my changes and restarted the iptables service, and I see the entry when I do a –list:
    DROP all — 185.130.5.xxx anywhere

    And yet, the WordFence Blocked IPs page continues to show an incrementing count of blocked access attempts.

    Any assistance on why an IP that should be blocked by iptables is being recorded by WordFence blocked IPs?

    https://www.ads-software.com/plugins/wordfence/

Viewing 1 replies (of 1 total)
  • Thread Starter SomeNYCGuy

    (@somenycguy)

    Ok, my bad, it looks like I didn’t have the proper order for the iptables statements.

    I had the ‘DROP’ for this specific IP address after the ‘ALLOW’ for all HTTP traffic in my iptables list. I moved it above the ‘ALLOW’, and it seems like it’s working now. Where I was seeing access every 30 seconds or so, I now see no access in 4 minutes.

    Guess I’ll have to go and read up on my iptables.

Viewing 1 replies (of 1 total)
  • The topic ‘WordFence reports ip-tables blocked address’ is closed to new replies.

Tags