WordPress.org

Ready to get started?Download WordPress

Forums

Wordfence Security
[resolved] Whitelist IP rule bypass & multisite notifications (2 posts)

  1. esgtomhodgson
    Member
    Posted 6 months ago #

    Hi,

    I am using WordPress on my site and think it's great. I just want to check something before I implement a strict user blocking policy to prevent hackers, we are seeing a lot of login attempts for admin users etc and I want to make sure my understanding of the Whitelist feature is correct.

    We have a static IP address at out offices (e.g. 12.34.56.78) so I have added this IP to the "Whitelisted IP addresses that bypass all rules" field in the settings menu.

    My query is will this absolutely 100% ignore and not block anyone coming from 12.34.56.78. My concern being that there are a few editors on this site and if they forget their username and incorrectly enter their credentials they would have the possibility to block any traffic from the IP 12.34.56.78 and subsequently one person could lock out all the admins/editors as they would also be attempting to visit the site from 12.34.56.78.

    My concern is that I will be putting a strict policy on this and blocking the IP addresses for a very long time, up to 60 days.

    Thanks

    Tom

    https://wordpress.org/plugins/wordfence/

  2. Wordfence
    Member
    Plugin Author

    Posted 6 months ago #

    Yes we call a function isWhitelisted before doing any blocks and if the IP matches, it returns immediately. So it's safe. However please ensure you're running WF 4.0.3 because 4.0.2 which was only out for a few hours until we fixed it contains a subtle bug which may interfere with this.

    Regards,

    Mark
    PS: If you found this helpful, please rate Wordfence 5 stars.
    http://wordpress.org/plugins/wordfence/

Reply

You must log in to post.

About this Plugin

About this Topic