Hi,
Your site is safe, but 127.0.0.1 is the localhost IP. Do you see it anywhere else in the firewall log, or there is only this occurrence? Is there any warning in the firewall “Overview” page about your IP?
Hi,
I also found these:
127.0.0.1 GET /index.php - Bogus user-agent signature - [SERVER:HTTP_USER_AGENT = User-Agent:Mozilla/4.0
09/Dec/17 02:27:07 127.0.0.1 GET /index.php - Suspicious bots/scanners - [SERVER:HTTP_USER_AGENT = Mozilla/5.0 (compatible; NetcraftSurveyAgent/1.0; +info@netcraft.com)]
10/Dec/17 04:10:45 127.0.0.1 GET /index.php - Suspicious bots/scanners - [SERVER:HTTP_USER_AGENT = Mozilla/5.0 (compatible; NetcraftSurveyAgent/1.0/cc-prepass-https; +info@netcraft.com)]
15/Dec/17 00:14:56 127.0.0.1 GET /index.php - Suspicious bots/scanners - [SERVER:HTTP_USER_AGENT = Mozilla/5.0 (compatible; NetcraftSurveyAgent/1.0/cc-prepass-https; +info@netcraft.com)]
I put the .htninja in /home/user/public_html/.htninja, because my hosting not allow to put into /home/user/.htninja. I guess maybe cause by Cloudflare, Cleantalk spam firewall or Varnish.
The most important is website is safe, haha
Thanks:)
There’s something wrong with your configuration and/or the .htninja.
You can click on “About…” and then on the “System Info” button. It will show you which IP (REMOTE_ADDR) is detected by NinjaFirewall.
