Hi,
To confirm if the blacklist feature works try using your IP address to block yourself temporarily. Follow the steps below.
Note: If the blacklist is working properly you will see a “403 Forbidden” error whenever anyone with a blacklisted IP address attempts to access your site.
1) Make sure you are logged into your server using FTP. This will be handy to unlock yourself if needed.
2) Log into WordPress admin panel and add your IP address to the blacklist settings.
3) Try accessing your site from a browser where you are not logged in.
You should be denied access. If not, then the apache directives are not working on your server.
(If things are working fine and you do get blocked, just FTP your .htaccess file from your server to your computer and edit that file and remove the part of the code which has your IP address and then FTP the file back to the server)
Let me know if the above helps you.
Thank you
Thread Starter
MV
(@mvenkadesan)
I tried as you suggested, but it had no effect. I could not block myself. The .htaccess file had the entry banning my IP, but some other setting is probably overriding it. I even tried restarting my Apache server, but it did not help.
Hi,
I tried as you suggested, but it had no effect. I could not block myself.
Have you also whitelisted your IP address?
Thank you
-
This reply was modified 5 years, 9 months ago by
mbrsolution.
Thread Starter
MV
(@mvenkadesan)
I checked that already. No IP addresses on the whitelist.
If that is the case, I suggest that you speak to your host about this issue as per my comment above.
If not, then the apache directives are not working on your server.
Let me know what they say?
Thank you
Thread Starter
MV
(@mvenkadesan)
I had to follow the instructions here and it worked:
https://docs.bitnami.com/bch/apps/wordpress/troubleshooting/deny-connections-bots-apache/
It seems that your plugin has some issue with Bitnami stacks for WordPress on Amazon Lightsail. That makes me think that most of the edits to .htaccess from your plugin may not be working.
Thread Starter
MV
(@mvenkadesan)
Below is the code that I had to insert inside the <Directory> tag:
<IfVersion < 2.3 >
Order allow,deny
Allow from all
Deny from 47.52.98.110
</IfVersion>
<IfVersion >= 2.3>
<RequireAll>
Require all granted
Require not ip 47.52.98.110
</RequireAll>
</IfVersion>
Thread Starter
MV
(@mvenkadesan)
I tracked it down to a setting in /opt/bitnami/apps/wordpress/conf/httod-app.conf, which says AllowOverride None. I may have to change it to AllowOverride All in order allow the .htaccess to override the settings in httpd-app.conf. I found the tip from a Bitnami Developer’s suggestion.
But when I tried changing it, I get a server error, which makes me think that that is not the way to solve the issue.
EDIT: The server error was due to some customization that I had added and none of the plugins. I have now set AllowOverride All and the IP blocking is working fine. This is because the default for Apache > 2.3 is None.
There is a potential security risk on setting it to All. But as it has been argued, if someone with malicious intent has access to my root folder then I have many bigger problems on hand.
-
This reply was modified 5 years, 9 months ago by
MV.
-
This reply was modified 5 years, 9 months ago by MV.
Thank you for sharing this information. I am sure this will help others running into the same issue. Who is your host if you don’t mind me asking?
If your issue is resolved can you mark this support thread as resolved.
Thank you
-
This reply was modified 5 years, 9 months ago by mbrsolution.
