[Plugin: Better WP Security] 404 Lockouts and Varnish

  • Resolved dma999999

    (@dma999999)


    11 years, 8 months ago

    Hi. I suspect I know the answer to this question but will ask it anyway, just in case: I currently have WP setup on Varnish+Nginx. Varnish sits at the front listening on 80, then passes stuff on on Nginx through 8080.

    I turned on the 404 detection thing in BWPS, which I think is a great idea, but unfortunately it seems that it identifies all hits as coming from 127.0.0.1 when I look at the log. Needless to say, that is a bit of a problem, since it just locks down everything. So for the time being I’ve shut it down (404 detection, that is), but I was wondering if there might be a way to configure so that this wouldn’t happen.

    Of course, this all involves some speculation as to what is going on.

    Any thoughts or suggestions? I certainly wouldn’t mind using this functionality.

    http://wordpress.org/extend/plugins/better-wp-security/

Viewing 3 replies - 1 through 3 (of 3 total)
  • Bit51 (part of the iThemes family)

    (@bit51)

    11 years, 8 months ago

    I’m looking at a way to use the forwarded IP reliably but there is currently no solution to your issue. By design the plugin looks for the server variable of the client IP so in the case of a proxy server it will always see the proxy itself as the end client and react accordingly.

    Thread Starter dma999999

    (@dma999999)

    11 years, 8 months ago

    Thanks for the note. I figured as much. Perhaps then consider having the plugin flag a warning or something when it sees 127.0.0.1 to alert folks to this issue? Just a thought.

    As always, really appreciate the great work on this plugin – very helpful!

    Bit51 (part of the iThemes family)

    (@bit51)

    11 years, 8 months ago

    Thanks. I’ll be taking a heavy look at this soon.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘[Plugin: Better WP Security] 404 Lockouts and Varnish’ is closed to new replies.

Tags