Support » Plugin: Pareto Security » allowed IP’s

  • Resolved alx359

    (@alx359)


    Every other week PS is banning my home IP or the live server IP. How to put both IP’s in an allowed list, so they don’t get blocked again? Thanks.

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Author te_taipo

    (@te_taipo)

    Firstly, the quick fix:
    – Enable Advanced Mode, and a Domain Name Safe List will be enabled
    – In the Domain Name Safe list, add the IP addresses you want to protect, one line per IP address, also including the domain names and subdomain names of the website, one line per domain name.

    Secondly, if you have time I would like to try and determine what it is about your situation that is causing this. Pareto Security should not ban any logged in administrators and editors IP address, nor should it ban the server IP address.

    So when you get a chance, can you please tell me some more about your specific server set up:
    – Are you using Cloudflare or some other CDN service?
    – Are you using Multisite, or some other method of admininistration across several sites?
    – When your home IP has been banned, were you logged in at the time, and if so what level of authentication (i.e admin, editor, author etc)
    – Lastly can you paste in one of the lines from the logfile that shows the entry that banned the IP address

    • This reply was modified 1 year ago by te_taipo.
    Thread Starter alx359

    (@alx359)

    Thanks for your answer.

    – Are you using Cloudflare or some other CDN service?

    Yes, I’m using Cloudflare. Also might be related, but have a CF firewall rule to protect wp-admin:
    (http.request.uri.path contains "/wp-admin/" and not http.request.uri.path contains "/wp-admin/admin-ajax.php" and not http.request.uri.path contains "/wp-admin/theme-editor.php")

    – Are you using Multisite, or some other method of admininistration across several sites?

    No, single-site only.

    – When your home IP has been banned, were you logged in at the time, and if so what level of authentication (i.e admin, editor, author etc)

    Yes, was logged as an admin and clicking around.

    – Lastly can you paste in one of the lines from the logfile that shows the entry that banned the IP address

    18-11-2020
    02:23:20 PM 	High 	[Blacklist]<home_ip> 	GET 	index.php 	[banned] injection request: page=1&per_page=25&status=unactioned&orderby=date&order=desc&_fields[0]=id&_fields[1]=name&_fields[2]=title&_fields[3]=content&_fields[4]=type&_fields[5]=status&_fields&lbr...
    12-11-2020
    06:09:07 PM 	High 	[Blacklist]<server_ip>	GET 	index.php 	[banned] cookie: cc741236fec3881e68873a634bacab66ea8549b3-1605197346-1800-atpkww1 230gqo4wrc8svffhlp2fyfkdbvb9aomwgetz
    Plugin Author te_taipo

    (@te_taipo)

    I have just posted an update which will hopefully address those issues. Unfortunately I do not have a site using the Cloudflare CDN so cannot test this in the wild. However check out version 2.8.7 and let me know how this goes, this update at least better prevents admins from being banned.

    I will keep this support request open for now.

    Thread Starter alx359

    (@alx359)

    Thank you. Will report how it goes.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘allowed IP’s’ is closed to new replies.