Plugin Support
wfphil
(@wfphil)
Hello,
Sorry to hear you are having this problem.
Please go to the Rate Limiting Rules section on the Options page.
What value per minute do you have for the following settings please?
If anyone’s requests exceed
If a human’s page views exceed
If a human’s pages not found (404s) exceed
Thread Starter
zztype
(@zztype)
Thanks for the reply, Phil.
I leave all my sites at the default settings.
Rate Limiting Rules
Immediately block fake Google crawlers Yes
How should we treat Google’s crawlers Verified unlimited
If anyone’s requests exceed 960
then throttle
If a crawler’s page views exceed 960
then throttle
If a crawler’s pages not found (404s) exceed 30
then throttle
If a human’s page views exceed 30
then block
If a human’s pages not found (404s) exceed 60
then block
If 404s for known vulnerable URLs exceed 10
then block
How long is an IP address blocked when it breaks a rule 2 hours
I have this same setup running on 120 sites, but out of them, 20 or 30 have given me this problem, on and off.
I have tried turning off login security on Bulletproof Security.
I thought it was due to Jetpack’s Photon CDN. Turned that off.
Then I thought it might be caching software Simple Cache, so disabled that.
It still pops up from time to time. I have had to disable all blocking on some of the sites as I need them to be available. I wish I could turn off only Rate Limiting or Advanced Blocking or some combination, without shutting the whole thing down.
It’s really embarrassing when I am showing a prospective client the site (and I know they have not been visiting the site) and I get a lockout screen.
Any help or suggestions are greatly appreciated.
Is there a debug mode I can invoke or a log file I can send you to help?
Thanks so much,
Blaine
Plugin Support
wfphil
(@wfphil)
Hello Blaine,
Thanks for the requested information. Bullet Proof Security state in their forum that it is compatible with all other security plugins as long as similar functions are not enabled on another security plugin otherwise conflicts can arise. As far as I’m aware Bulllet Proof Security doesn’t temporarily limit or block visitor activity so I don’t think this would be the cause.
It’s interesting you mention when you show a prospective client the site that you get a Wordfence limiting information page. Does it happen as soon as you visit the home page of the site or do you engage in other activity on the site before you get limited?
On your screenshot it’s strange that the reason for the limit doesn’t mention human activity. It’s also strange that you have blocks placed on human activity but you are seeing the information page for throttling.
I will consult co-workers also to see if they have any ideas.
