IPs blacklisted in AIOWPS, showing up in NewStatPress visitor log?

  • Probably an amateur’s mistake…

    I collect suspect addresses from the NSP visitor log, based on access behavior and/or Google checks. (It’s nice that one can just put an address into the search bar, and get reports directly!) Add these into the Blacklist Manager in All In One WP Security. Some of the attacks come from numerous close addresses, so I have a number of wildcarded blocks as well: 178.137.*.* e.g.

    This worked fine for a long time. But now daily find visits from banned addresses or ranges. Has the black/blocklisting system changed? Something else I’m doing wrong?

    In case it matters, I have several security plugins running at once: AIOWPS, Acunetix, iThemes, Limit Login Attemps and WP Cerber. Is this a problem? They haven’t seemed to interfere, and all protection is welcome given the astonishing number of spammers etc.

    Thanks in advance for any advice.

Viewing 2 replies - 1 through 2 (of 2 total)
  • Thread Starter ctenos

    (@ctenos)

    Can anyone please help? Now running three plugins with blacklist functionality; hope they don’t conflict.

    I loaded the list of banned IPs into WP Security “Blacklist Manager,” iThemes Security “Banned Hosts” and IP Geo Block “Blacklist of extra IP addresses prior to country code.” Still getting multiple hits from banned addresses.

    Latter two plugins change the formatting of copy-and-pasted wild-card blocks. E.g.,
    WP Security “104.128.*.*” turns into
    iThemes “104.128.0.0/16” and “104.128.0.0”
    IP Geo Block “104.128..” and “104.128.0.0”

    I didn’t find a guide to correct wildcard formatting on the latter two plugins, so perhaps need to re-enter all the blocklist items.

    Any help in stopping these attacks would be appreciated. I don’t know if they can cause any harm, but they do fill up the NewStatPress visitor list and make it hard to track legitimate readers!

    • This reply was modified 8 years, 2 months ago by ctenos.
    Thread Starter ctenos

    (@ctenos)

    In case it matters, I seem to have several .htaccess files in various directories. Most of them are ca. 250 bytes. The one that’s the WP root directory (“public_html/blogtitle” – is that called the root directory?) is much larger, almost 300 kB, and contains all the blacklisted URLs, user agents, and a list of “Require not ip” addresses.

    Should I delete all the other instances of .htaccess? Is that the best location for the big .htaccess file? Would moving it confuse the security plugins that use it?

    Thanks for any help, and I hope this will be useful to others as well.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘IPs blacklisted in AIOWPS, showing up in NewStatPress visitor log?’ is closed to new replies.

Tags