WordPress.org

Ready to get started?Download WordPress

Forums

iThemes Security (formerly Better WP Security)
[resolved] [Plugin: Better WP Security] 404 Lockouts and Varnish (4 posts)

  1. dma999999
    Member
    Posted 1 year ago #

    Hi. I suspect I know the answer to this question but will ask it anyway, just in case: I currently have WP setup on Varnish+Nginx. Varnish sits at the front listening on 80, then passes stuff on on Nginx through 8080.

    I turned on the 404 detection thing in BWPS, which I think is a great idea, but unfortunately it seems that it identifies all hits as coming from 127.0.0.1 when I look at the log. Needless to say, that is a bit of a problem, since it just locks down everything. So for the time being I've shut it down (404 detection, that is), but I was wondering if there might be a way to configure so that this wouldn't happen.

    Of course, this all involves some speculation as to what is going on.

    Any thoughts or suggestions? I certainly wouldn't mind using this functionality.

    http://wordpress.org/extend/plugins/better-wp-security/

  2. I'm looking at a way to use the forwarded IP reliably but there is currently no solution to your issue. By design the plugin looks for the server variable of the client IP so in the case of a proxy server it will always see the proxy itself as the end client and react accordingly.

  3. dma999999
    Member
    Posted 1 year ago #

    Thanks for the note. I figured as much. Perhaps then consider having the plugin flag a warning or something when it sees 127.0.0.1 to alert folks to this issue? Just a thought.

    As always, really appreciate the great work on this plugin - very helpful!

  4. Thanks. I'll be taking a heavy look at this soon.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic

Tags