"Access has been limited" – firewall

  • mscwebmaster

    (@theresajennings2011)


    10 years, 2 months ago

    Free version: This has happened on two sites.

    When I check the box for the firewall, it blocks visitors from seeing the site. They get an error page that says access to site has been limited. When I uncheck the box, the site is visible again.

    I haven’t blocked any countries on either. One of the sites is for an international ministry, with a location in Eastern Europe, so I can’t block that country.

    Also, once i unchecked the box, the scans for people locked out stopped timing out. They were timing out even when the hosting account was upgraded to one with way more resources – a VPS.

    https://wordpress.org/plugins/wordfence/

Viewing 4 replies - 1 through 4 (of 4 total)
  • WFBrian

    (@wfbrian)

    10 years, 2 months ago

    Hi,

    It sounds like you may be behind a reverse proxy. Try changing the option on how Wordfence gets IPs.

    https://docs.wordfence.com/en/Wordfence_options#How_does_Wordfence_get_IPs

    -Brian

    Thread Starter mscwebmaster

    (@theresajennings2011)

    10 years, 2 months ago

    I’m not sure how I’d be on a reverse proxy, since these are two different hosting companies and I wouldn’t know a reverse proxy if I fell over it. Thank you for the article. Unchecking the box fixed it for the time being.

    Plugin Author WFMattR

    (@wfmattr)

    10 years, 2 months ago

    Hi Theresa,

    This could also happen if the sites have any strict options set in the “Firewall Rules” section on the Wordfence options page. Can you post a list of what your options say in that section?

    A reverse proxy could be set up by the hosting company for performance reasons, or it could be in place if you use a service like CloudFlare. If you look at the Live Traffic page (even when the firewall is still disabled), you should be able to see your own IP address for your last login on the Logins and Logouts tab — if you see a different IP than your own, then there is a reverse proxy in use.

    If that’s the case, you can set the option “How does Wordfence get IPs” on the Wordfence Options page — depending on what software your server is using, you may need to choose the X-Real-IP or X-Forwarded-For option, or if you use CloudFlare, then choose the CF-Connecting-IP option.

    After setting the option, you can verify it is working by looking at the Live Traffic page, and visiting the site in a separate browser where you are not logged in, and verify that your own IP appears in your own visits. (If Live Traffic is disabled, try logging in using the second browser, since logins and logouts are still recorded.)

    -Matt R

    Thread Starter mscwebmaster

    (@theresajennings2011)

    10 years, 2 months ago

    Immediately block fake Google Crawlers
    Verified Google crawlers have unlimited access to this site
    60 per minute, throttle for all
    Locked out for 1 month

    I see my IP in Logins and Logouts. No CloudFlare.

    I accessed the site via FireFox (I use Chrome), and don’t see my IP (TWC) there. I refreshed the Chrome page a few times. Live Traffic is enabled. I’ve removed my IP address from comma-separated IP address to ignore under Live Traffic, and the box for don’t log signed in users has been unchecked.

    I had the same problem with another client on another host. Can’t recall the client, and therefore the host, right now.

    I just turned off the firewall, and all is well.

Viewing 4 replies - 1 through 4 (of 4 total)

The topic ‘"Access has been limited" – firewall’ is closed to new replies.

Tags